mirror of
https://github.com/willshersystems/ansible-sshd
synced 2024-11-28 21:50:18 +01:00
Updates README
This commit is contained in:
parent
133543cc1f
commit
1c511219bf
2 changed files with 57 additions and 12 deletions
65
README.md
65
README.md
|
@ -44,25 +44,40 @@ Role variables
|
|||
Unconfigured, this role will provide a sshd_config that matches the OS default,
|
||||
minus the comments and in a different order.
|
||||
|
||||
* sshd_skip_defaults
|
||||
* `sshd_skip_defaults`
|
||||
|
||||
If set to True, don't apply default values. This means that you must have a
|
||||
complete set of configuration defaults via either the sshd dict, or sshd_Key
|
||||
variables. Defaults to *False*.
|
||||
|
||||
* sshd_manage_service
|
||||
* `sshd_manage_service`
|
||||
|
||||
If set to False, the service/daemon won't be touched at all, i.e. will not try
|
||||
to enable on boot or start or reload the service. Defaults to *True* unless
|
||||
running inside a docker container (it is assumed ansible is used during build
|
||||
phase).
|
||||
If set to False, the service/daemon won't be **managed** at all, i.e. will not
|
||||
try to enable on boot or start or reload the service. Defaults to *True*
|
||||
unless running inside a docker container (it is assumed ansible is used during
|
||||
build phase).
|
||||
|
||||
* sshd_allow_reload
|
||||
* `sshd_allow_reload`
|
||||
|
||||
If set to False, a reload of sshd wont happen on change. This can help with
|
||||
troubleshooting. You'll need to manually reload sshd if you want to apply the
|
||||
changed configuration. Defaults to the same value as ``sshd_manage_service``.
|
||||
|
||||
* `sshd_install_service`
|
||||
|
||||
If set to True, the role will install service files for the ssh service.
|
||||
Defaults to False.
|
||||
|
||||
The templates for the service files to be used are pointed to by the variables
|
||||
|
||||
- `sshd_service_template_service` (__default__: _templates/sshd.service.j2_)
|
||||
- `sshd_service_template_at_service` (__default__: _templates/sshd@.service.j2_)
|
||||
- `sshd_service_template_socket` (__default__: _templates/sshd.socket.j2_)
|
||||
|
||||
Using these variables, you can use your own custom templates. With the above
|
||||
default templates, the name of the installed ssh service will be provided by
|
||||
the `sshd_service` variable.
|
||||
|
||||
* sshd
|
||||
|
||||
A dict containing configuration. e.g.
|
||||
|
@ -74,7 +89,7 @@ sshd:
|
|||
- 0.0.0.0
|
||||
```
|
||||
|
||||
* ssh_...
|
||||
* `ssh_...`
|
||||
|
||||
Simple variables can be used rather than a dict. Simple values override dict
|
||||
values. e.g.:
|
||||
|
@ -99,14 +114,44 @@ ListenAddress 0.0.0.0
|
|||
ListenAddress ::
|
||||
```
|
||||
|
||||
* sshd_match
|
||||
* `sshd_match`
|
||||
|
||||
A list of dicts for a match section. See the example playbook.
|
||||
|
||||
* sshd_match_1 through sshd_match_9
|
||||
* `sshd_match_1` through `sshd_match_9`
|
||||
|
||||
A list of dicts or just a dict for a Match section.
|
||||
|
||||
### Secondary role variables
|
||||
|
||||
These variables are used by the role internals and can be used to override the
|
||||
defaults that correspond to each supported platform.
|
||||
|
||||
* `sshd_packages`
|
||||
|
||||
Use this variable to override the default list of packages to install.
|
||||
|
||||
* `sshd_config_owner`, `sshd_config_group`, `sshd_config_mode`
|
||||
|
||||
Use these variables to set the ownership and permissions for the openssh config
|
||||
file that this role produces.
|
||||
|
||||
* `sshd_config_file`
|
||||
|
||||
The path where the openssh configuration produced by this role should be saved.
|
||||
|
||||
* `sshd_binary`
|
||||
|
||||
The path to the openssh executable
|
||||
|
||||
* `sshd_service`
|
||||
|
||||
The name of the openssh service. By default, this variable contains the name of
|
||||
the ssh service that the target platform uses. But it can also be used to set
|
||||
the name of the custom ssh service when the `sshd_install_service` variable is
|
||||
used.
|
||||
|
||||
|
||||
Dependencies
|
||||
------------
|
||||
|
||||
|
|
|
@ -26,7 +26,7 @@ sshd: {}
|
|||
### VARS DEFAULTS
|
||||
### The following are defaults for OS specific configuration in var files in
|
||||
### this role. They should not be set directly by role users. If you really
|
||||
### need to override them,use the corresponding, unprefixed variables (eg
|
||||
### need to override them, use the corresponding, unprefixed variables (eg
|
||||
### `sshd_packages` to override __sshd_packages).
|
||||
__sshd_packages: []
|
||||
__sshd_config_owner: root
|
||||
|
@ -35,8 +35,8 @@ __sshd_config_mode: "0600"
|
|||
__sshd_config_file: /etc/ssh/sshd_config
|
||||
__sshd_binary: /usr/sbin/sshd
|
||||
__sshd_service: sshd
|
||||
__sshd_sftp_server: /usr/lib/openssh/sftp-server
|
||||
|
||||
### These variables are used by role internals and should not be used.
|
||||
__sshd_sftp_server: /usr/lib/openssh/sftp-server
|
||||
__sshd_defaults: {}
|
||||
__sshd_os_supported: no
|
||||
|
|
Loading…
Reference in a new issue