initial ansible code

roles/nginx/templates/ssl.conf.j2

@@ -0,0 +1,17 @@
+## Managed by Ansible ##
+
+# Configure SSL
+    ssl_ciphers "{{ nginx_ssl_ciphers }}";
+    ssl_protocols {{ nginx_ssl_protocols }};
+    ssl_prefer_server_ciphers off;
+    ssl_early_data on;
+    ssl_dhparam {{ nginx_ssl_dhparam }};
+# OCSP Stapling fetch OCSP records from URL in ssl_certificate and cache them
+    ssl_stapling on;
+    ssl_stapling_verify on;
+    resolver 1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001];
+# SSL session handling
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 1d;
+    ssl_session_tickets off;
+    ssl_buffer_size 4k;