From fd43dbbb59bd79ddb58d87cc38b99497e2362582 Mon Sep 17 00:00:00 2001 From: Lars Kruse Date: Wed, 4 Jan 2023 13:25:05 +0100 Subject: [PATCH] docs: improve explanation of DH parameter condition --- tasks/configuration.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tasks/configuration.yml b/tasks/configuration.yml index 04a9e82..a04be16 100644 --- a/tasks/configuration.yml +++ b/tasks/configuration.yml @@ -15,8 +15,9 @@ - name: "apache | Generiere Diffie-Hellman-Parameter" openssl_dhparam: path: "{{ dhparams_path }}" - # All of our apache2 instances are currently running behind public reverse proxies. + # Most of our apache2 instances are currently running behind public reverse proxies. # Thus, they do not offer HTTPS and do not need DH parameters. + # The only possible exceptions are external hosts (e.g. orwell). when: "'extern_hosts' in group_names" - name: "configuration | Kopiere Dateien"