libretic/ansible-sshd
6
0
Fork 0
mirror of https://github.com/willshersystems/ansible-sshd synced 2024-11-28 21:50:18 +01:00
Code Issues Projects Releases Packages Wiki Activity

Updates README

Browse source
This commit is contained in:
Nikolaos Kakouros 2018-09-07 01:31:02 +02:00
parent 133543cc1f
commit 1c511219bf
2 changed files with 57 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

65
README.md
View file

@ -44,25 +44,40 @@ Role variables
Unconfigured, this role will provide a sshd_config that matches the OS default, Unconfigured, this role will provide a sshd_config that matches the OS default,
minus the comments and in a different order. minus the comments and in a different order.
* sshd_skip_defaults * `sshd_skip_defaults`
If set to True, don't apply default values. This means that you must have a If set to True, don't apply default values. This means that you must have a
complete set of configuration defaults via either the sshd dict, or sshd_Key complete set of configuration defaults via either the sshd dict, or sshd_Key
variables. Defaults to *False*. variables. Defaults to *False*.
* sshd_manage_service * `sshd_manage_service`
If set to False, the service/daemon won't be touched at all, i.e. will not try If set to False, the service/daemon won't be **managed** at all, i.e. will not
to enable on boot or start or reload the service. Defaults to *True* unless try to enable on boot or start or reload the service. Defaults to *True*
running inside a docker container (it is assumed ansible is used during build unless running inside a docker container (it is assumed ansible is used during
phase). build phase).
* sshd_allow_reload * `sshd_allow_reload`
If set to False, a reload of sshd wont happen on change. This can help with If set to False, a reload of sshd wont happen on change. This can help with
troubleshooting. You'll need to manually reload sshd if you want to apply the troubleshooting. You'll need to manually reload sshd if you want to apply the
changed configuration. Defaults to the same value as ``sshd_manage_service``. changed configuration. Defaults to the same value as ``sshd_manage_service``.
* `sshd_install_service`
If set to True, the role will install service files for the ssh service.
Defaults to False.
The templates for the service files to be used are pointed to by the variables
- `sshd_service_template_service` (__default__: _templates/sshd.service.j2_)
- `sshd_service_template_at_service` (__default__: _templates/sshd@.service.j2_)
- `sshd_service_template_socket` (__default__: _templates/sshd.socket.j2_)
Using these variables, you can use your own custom templates. With the above
default templates, the name of the installed ssh service will be provided by
the `sshd_service` variable.
* sshd * sshd
A dict containing configuration. e.g. A dict containing configuration. e.g.
@ -74,7 +89,7 @@ sshd:
- 0.0.0.0 - 0.0.0.0
``` ```
* ssh_... * `ssh_...`
Simple variables can be used rather than a dict. Simple values override dict Simple variables can be used rather than a dict. Simple values override dict
values. e.g.: values. e.g.:
@ -99,14 +114,44 @@ ListenAddress 0.0.0.0
ListenAddress :: ListenAddress ::
``` ```
* sshd_match * `sshd_match`
A list of dicts for a match section. See the example playbook. A list of dicts for a match section. See the example playbook.
* sshd_match_1 through sshd_match_9 * `sshd_match_1` through `sshd_match_9`
A list of dicts or just a dict for a Match section. A list of dicts or just a dict for a Match section.
### Secondary role variables
These variables are used by the role internals and can be used to override the
defaults that correspond to each supported platform.
* `sshd_packages`
Use this variable to override the default list of packages to install.
* `sshd_config_owner`, `sshd_config_group`, `sshd_config_mode`
Use these variables to set the ownership and permissions for the openssh config
file that this role produces.
* `sshd_config_file`
The path where the openssh configuration produced by this role should be saved.
* `sshd_binary`
The path to the openssh executable
* `sshd_service`
The name of the openssh service. By default, this variable contains the name of
the ssh service that the target platform uses. But it can also be used to set
the name of the custom ssh service when the `sshd_install_service` variable is
used.
Dependencies Dependencies
------------ ------------

4
defaults/main.yml
View file

@ -26,7 +26,7 @@ sshd: {}
### VARS DEFAULTS ### VARS DEFAULTS
### The following are defaults for OS specific configuration in var files in ### The following are defaults for OS specific configuration in var files in
### this role. They should not be set directly by role users. If you really ### this role. They should not be set directly by role users. If you really
### need to override them,use the corresponding, unprefixed variables (eg ### need to override them, use the corresponding, unprefixed variables (eg
### `sshd_packages` to override __sshd_packages). ### `sshd_packages` to override __sshd_packages).
__sshd_packages: [] __sshd_packages: []
__sshd_config_owner: root __sshd_config_owner: root
@ -35,8 +35,8 @@ __sshd_config_mode: "0600"
__sshd_config_file: /etc/ssh/sshd_config __sshd_config_file: /etc/ssh/sshd_config
__sshd_binary: /usr/sbin/sshd __sshd_binary: /usr/sbin/sshd
__sshd_service: sshd __sshd_service: sshd
__sshd_sftp_server: /usr/lib/openssh/sftp-server
### These variables are used by role internals and should not be used. ### These variables are used by role internals and should not be used.
__sshd_sftp_server: /usr/lib/openssh/sftp-server
__sshd_defaults: {} __sshd_defaults: {}
__sshd_os_supported: no __sshd_os_supported: no