docs: improve explanation of DH parameter condition

2023-01-04 13:25:05 +01:00 · 2023-01-04 13:25:05 +01:00 · fd43dbbb59
commit fd43dbbb59
parent 9d9b6deb5e
1 changed files with 2 additions and 1 deletions
--- a/tasks/configuration.yml
+++ b/tasks/configuration.yml
@ -15,8 +15,9 @@
 - name: "apache | Generiere Diffie-Hellman-Parameter"
  openssl_dhparam:
    path: "{{ dhparams_path }}"
-  # All of our apache2 instances are currently running behind public reverse proxies.
+  # Most of our apache2 instances are currently running behind public reverse proxies.
  # Thus, they do not offer HTTPS and do not need DH parameters.
+  # The only possible exceptions are external hosts (e.g. orwell).
  when: "'extern_hosts' in group_names"

 - name: "configuration | Kopiere Dateien"