2014-12-18 23:12:51 +01:00
|
|
|
---
|
2014-12-22 10:25:31 +01:00
|
|
|
### USER OPTIONS
|
|
|
|
# Don't apply OS defaults when set to true
|
|
|
|
sshd_skip_defaults: false
|
2018-08-25 23:39:06 +02:00
|
|
|
|
2015-06-25 15:54:24 +02:00
|
|
|
# If the below is false, don't manage the service or reload the SSH
|
|
|
|
# daemon at all
|
2017-05-04 15:31:26 +02:00
|
|
|
sshd_manage_service: true
|
2018-08-25 23:39:06 +02:00
|
|
|
|
|
|
|
# If the below is true, also install service files from the templates pointed
|
|
|
|
# to by the `sshd_service_template_*` variables
|
|
|
|
sshd_install_service: false
|
|
|
|
sshd_service_template_service: sshd.service.j2
|
|
|
|
sshd_service_template_at_service: sshd@.service.j2
|
|
|
|
sshd_service_template_socket: sshd.socket.j2
|
|
|
|
|
2017-08-16 11:11:31 +02:00
|
|
|
# If the below is false, don't reload the ssh daemon on change
|
2017-05-04 15:31:26 +02:00
|
|
|
sshd_allow_reload: true
|
2018-08-25 23:39:06 +02:00
|
|
|
|
2018-07-27 16:08:17 +02:00
|
|
|
# If the below is true, create a backup of the config file when the template is copied
|
|
|
|
sshd_backup: false
|
2018-08-25 23:48:09 +02:00
|
|
|
|
2014-12-22 10:25:31 +01:00
|
|
|
# Empty dicts to avoid errors
|
|
|
|
sshd: {}
|
|
|
|
|
|
|
|
### VARS DEFAULTS
|
|
|
|
### The following are defaults for OS specific configuration in var files in
|
2018-08-25 23:39:06 +02:00
|
|
|
### this role. They should not be set directly by role users. If you really
|
|
|
|
### need to override them,use the corresponding, unprefixed variables (eg
|
|
|
|
### `sshd_packages` to override __sshd_packages).
|
|
|
|
__sshd_packages: []
|
|
|
|
__sshd_config_owner: root
|
|
|
|
__sshd_config_group: root
|
|
|
|
__sshd_config_mode: "0600"
|
|
|
|
__sshd_config_file: /etc/ssh/sshd_config
|
|
|
|
__sshd_binary: /usr/sbin/sshd
|
|
|
|
__sshd_service: sshd
|
|
|
|
__sshd_sftp_server: /usr/lib/openssh/sftp-server
|
|
|
|
|
|
|
|
### These variables are used by role internals and should not be used.
|
|
|
|
__sshd_defaults: {}
|
|
|
|
__sshd_os_supported: no
|