From d4293d3c59247fc798854a8190bf4d99afdae12b Mon Sep 17 00:00:00 2001
From: Kris Lamoureux <KrisPublicEmail@gmail.com>
Date: Thu, 3 Sep 2020 23:26:55 -0400
Subject: [PATCH] Remove TLS 1.0 and TLS 1.1 support

---
 roles/traefik/files/tls.yml  | 4 ++++
 roles/traefik/tasks/main.yml | 9 +++++++++
 2 files changed, 13 insertions(+)
 create mode 100644 roles/traefik/files/tls.yml

diff --git a/roles/traefik/files/tls.yml b/roles/traefik/files/tls.yml
new file mode 100644
index 0000000..33c705f
--- /dev/null
+++ b/roles/traefik/files/tls.yml
@@ -0,0 +1,4 @@
+tls:
+  options:
+    default:
+      minVersion: VersionTLS12
diff --git a/roles/traefik/tasks/main.yml b/roles/traefik/tasks/main.yml
index f4b923d..fedf64b 100644
--- a/roles/traefik/tasks/main.yml
+++ b/roles/traefik/tasks/main.yml
@@ -9,6 +9,15 @@
     dest: "{{ traefik_root }}/config/traefik.yml"
   notify: restart_traefik
 
+- name: Install dynamic Traefik configuration
+  copy:
+    src: tls.yml
+    dest: "{{ traefik_root }}/config/dynamic/tls.yml"
+    owner: root
+    group: root
+    mode: 0600
+  notify: reload_traefik
+
 - name: Create Traefik network
   docker_network:
     name: traefik