ansible-sshd/templates/sshd_config.j2

109 lines
5.7 KiB
Text
Raw Normal View History

2014-12-18 23:12:51 +01:00
# {{ ansible_managed }}
{% macro render_option(key,override) %}
{% if override is defined %}
{% set value = override %}
{% elif sshd[key] is defined %}
{% set value = sshd[key] %}
2014-12-22 10:25:31 +01:00
{% elif sshd_defaults[key] is defined and sshd_skip_defaults != true %}
{% set value = sshd_defaults[key] %}
{% endif %}
{% if value is defined %}
{% if value is sameas true %}
{{ key }} yes
{% elif value is sameas false %}
{{ key }} no
{% elif value is string or value is number %}
{{ key }} {{ value }}
{% else %}
{% for i in value %}
{{ key }} {{ i }}
{% endfor %}
{% endif %}
{% endif %}
{% endmacro %}
2014-12-22 10:41:32 +01:00
{{ render_option("Port",sshd_Port) -}}
{{ render_option("ListenAddress",sshd_ListenAddress) -}}
{{ render_option("Protocol",sshd_Protocol) -}}
{{ render_option("HostKey",sshd_HostKey) -}}
{{ render_option("AcceptEnv",sshd_AcceptEnv) -}}
{{ render_option("AddressFamily",sshd_AddressFamily) -}}
{{ render_option("AllowAgentForwarding",sshd_AllowAgentForwarding) -}}
{{ render_option("AllowGroups",sshd_AllowGroups) -}}
{{ render_option("AllowTcpForwarding",sshd_AllowTcpForwarding) -}}
{{ render_option("AllowUsers",sshd_AllowUsers) -}}
{{ render_option("AuthenticationMethods",sshd_AuthenticationMethods) -}}
{{ render_option("AuthorizedKeysCommand",sshd_AuthorizedKeysCommand) -}}
{{ render_option("AuthorizedKeysCommandUser",sshd_AuthorizedKeysCommandUser) -}}
{{ render_option("AuthorizedKeysFile",sshd_AuthorizedKeysFile) -}}
{{ render_option("AuthorizedPrincipalsFile",sshd_AuthorizedPrincipalsFile) -}}
{{ render_option("Banner",sshd_Banner) -}}
{{ render_option("ChallengeResponseAuthentication",sshd_ChallengeResponseAuthentication) -}}
{{ render_option("ChrootDirectory",sshd_ChrootDirectory) -}}
{{ render_option("Ciphers",sshd_Ciphers) -}}
{{ render_option("ClientAliveCountMax",sshd_ClientAliveCountMax) -}}
{{ render_option("ClientAliveInterval",sshd_ClientAliveInterval) -}}
{{ render_option("Compression",sshd_Compression) -}}
{{ render_option("DenyGroups",sshd_DenyGroups) -}}
{{ render_option("DenyUsers",sshd_DenyUsers) -}}
{{ render_option("ForceCommand",sshd_ForceCommand) -}}
{{ render_option("GSSAPIAuthentication",sshd_GSSAPIAuthentication) -}}
{{ render_option("GSSAPICleanupCredentials",sshd_GSSAPICleanupCredentials) -}}
{{ render_option("GSSAPIKeyExchange",sshd_GSSAPIKeyExchange) -}}
{{ render_option("GSSAPIStoreCredentialsOnRekey",sshd_GSSAPIStoreCredentialsOnRekey) -}}
{{ render_option("GSSAPIStrictAcceptorCheck",sshd_GSSAPIStrictAcceptorCheck) -}}
{{ render_option("GatewayPorts",sshd_GatewayPorts) -}}
{{ render_option("HPNBufferSize",sshd_HPNBufferSize) -}}
{{ render_option("HPNDisabled",sshd_HPNDisabled) -}}
{{ render_option("HostCertificate",sshd_HostCertificate) -}}
{{ render_option("HostKeyAgent",sshd_HostKeyAgent) -}}
{{ render_option("HostbasedAuthentication",sshd_HostbasedAuthentication) -}}
{{ render_option("HostbasedUsesNameFromPacketOnly",sshd_HostbasedUsesNameFromPacketOnly) -}}
{{ render_option("IPQoS",sshd_IPQoS) -}}
{{ render_option("IgnoreRhosts",sshd_IgnoreRhosts) -}}
{{ render_option("IgnoreUserKnownHosts",sshd_IgnoreUserKnownHosts) -}}
{{ render_option("KbdInteractiveAuthentication",sshd_KbdInteractiveAuthentication) -}}
{{ render_option("KerberosAuthentication",sshd_KerberosAuthentication) -}}
{{ render_option("KerberosGetAFSToken",sshd_KerberosGetAFSToken) -}}
{{ render_option("KerberosOrLocalPasswd",sshd_KerberosOrLocalPasswd) -}}
{{ render_option("KerberosTicketCleanup",sshd_KerberosTicketCleanup) -}}
{{ render_option("KexAlgorithms",sshd_KexAlgorithms) -}}
{{ render_option("KeyRegenerationInterval",sshd_KeyRegenerationInterval) -}}
{{ render_option("LogLevel",sshd_LogLevel) -}}
{{ render_option("LoginGraceTime",sshd_LoginGraceTime) -}}
{{ render_option("MACs",sshd_MACs) -}}
{{ render_option("MaxAuthTries",sshd_MaxAuthTries) -}}
{{ render_option("MaxSessions",sshd_MaxSessions) -}}
{{ render_option("MaxStartups",sshd_MaxStartups) -}}
{{ render_option("NoneEnabled",sshd_NoneEnabled) -}}
{{ render_option("PasswordAuthentication",sshd_PasswordAuthentication) -}}
{{ render_option("PermitEmptyPasswords",sshd_PermitEmptyPasswords) -}}
{{ render_option("PermitOpen",sshd_PermitOpen) -}}
{{ render_option("PermitRootLogin",sshd_PermitRootLogin) -}}
{{ render_option("PermitTTY",sshd_PermitTTY) -}}
{{ render_option("PermitTunnel",sshd_PermitTunnel) -}}
{{ render_option("PermitUserEnvironment",sshd_PermitUserEnvironment) -}}
{{ render_option("PidFile",sshd_PidFile) -}}
{{ render_option("PrintLastLog",sshd_PrintLastLog) -}}
{{ render_option("PrintMotd",sshd_PrintMotd) -}}
{{ render_option("PubkeyAuthentication",sshd_PubkeyAuthentication) -}}
{{ render_option("RSAAuthentication",sshd_RSAAuthentication) -}}
{{ render_option("RekeyLimit",sshd_RekeyLimit) -}}
{{ render_option("RevokedKeys",sshd_RevokedKeys) -}}
{{ render_option("RhostsRSAAuthentication",sshd_RhostsRSAAuthentication) -}}
{{ render_option("ServerKeyBits",sshd_ServerKeyBits) -}}
{{ render_option("StrictModes",sshd_StrictModes) -}}
{{ render_option("Subsystem",sshd_Subsystem) -}}
{{ render_option("SyslogFacility",sshd_SyslogFacility) -}}
{{ render_option("TCPKeepAlive",sshd_TCPKeepAlive) -}}
{{ render_option("TcpRcvBufPoll",sshd_TcpRcvBufPoll) -}}
{{ render_option("TrustedUserCAKeys",sshd_TrustedUserCAKeys) -}}
{{ render_option("UseDNS",sshd_UseDNS) -}}
{{ render_option("UseLogin",sshd_UseLogin) -}}
{{ render_option("UsePAM",sshd_UsePAM) -}}
{{ render_option("UsePrivilegeSeparation",sshd_UsePrivilegeSeparation) -}}
{{ render_option("VersionAddendum",sshd_VersionAddendum) -}}
{{ render_option("X11DisplayOffset",sshd_X11DisplayOffset) -}}
{{ render_option("X11Forwarding",sshd_X11Forwarding) -}}
{{ render_option("X11UseLocalhost",sshd_X11UseLocalhost) -}}
{{ render_option("XAuthLocation",sshd_XAuthLocation) -}}