libretic/ansible-sshd
6
0
Fork 0
mirror of https://github.com/willshersystems/ansible-sshd synced 2024-11-12 22:50:17 +01:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #203 from willshersystems/housekeeping

Browse source 
Housekeeping
This commit is contained in:
Matt Willsher 2022-09-09 10:23:09 +01:00 committed by GitHub
commit 29eec237be
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 6 additions and 71 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.pre-commit-config.yaml
View file

@ -1,14 +1,14 @@
--- ---
repos: repos:
- repo: https://github.com/adrienverge/yamllint.git - repo: https://github.com/adrienverge/yamllint.git
rev: v1.26.3 rev: v1.27.1
hooks: hooks:
- id: yamllint - id: yamllint
files: \.(yaml|yml)$ files: \.(yaml|yml)$
types: [file, yaml] types: [file, yaml]
entry: yamllint --strict entry: yamllint --strict
- repo: https://github.com/ansible/ansible-lint.git - repo: https://github.com/ansible/ansible-lint.git
rev: v6.2.2 rev: v6.5.2
hooks: hooks:
- id: ansible-lint - id: ansible-lint
files: \.(yaml|yml)$ files: \.(yaml|yml)$

27
CHANGELOG
View file

@ -1,27 +0,0 @@
0.2.5 23 January 2014 Matt Willsher <matt@willsher.systems>
- Fix for sftp-server install on Debian removing openssh-sftp-server. Thanks to @ricbra
- Reinstate defaults.yml as fall through
0.2.4 13 January 2014 Matt Willsher <matt@willsher.systems>
- Allow reload to be skipped
- Test for OS support
- Documentation improvements
0.2.3 13 January 2014 Matt Willsher <matt@willsher.systems>
- Fixed HostbasedAuthentication typo
0.2.2 13 January 2014 Matt Willsher <matt@willsher.systems>
- Add warnings to README
- Tidy up naming
- Remove blacklist packages from Debian based distros
0.2.1 12 January 2014 Matt Willsher <matt@willsher.systems>
- Standardise README.md format
- Add basic Travis CI testing
- Add networking metadata type
0.2.0 04 January 2014 Matt Willsher <matt@willsher.systems>
- Change var file search order
- Add Arch Linux defaults (thanks GitHub user @brenix).
- A number of typo fixes (again, thanks @brenix), including UsePrivilegeSeparation.
- A Ubuntu precise defaults.
- A Debian jessie defaults.
- Unknown Ubuntu and Debian versions default to wheezy defaults.
- License to LGPL
0.1.0 25 December 2014 Matt Willsher <matt@willsher.systems>
- Initial release

37
Vagrantfile vendored
View file

@ -1,37 +0,0 @@
# vi: set ft=ruby :
VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
config.vm.synced_folder ".", "/vagrant", type: "nfs"
config.vm.define "ubuntu" do |ubuntu|
ubuntu.vm.box = "boxcutter/ubuntu1604"
# ubuntu.vm.provision "shell", inline: <<-SHELL
# sudo add-apt-repository -y ppa:ansible/ansible
# sudo apt-get update -qq
# sudo apt-get -qq install ansible
# SHELL
end
config.vm.define "centos7" do |centos|
centos.vm.box = "centos/7"
centos.vm.provision "shell", inline: <<-SHELL
sudo yum install -y libselinux-python
SHELL
end
config.vm.provision "shell", inline: <<-SHELL
test -e /vagrant/tests/roles/ansible-sshd || ln -s /vagrant /vagrant/tests/roles/ansible-sshd
SHELL
config.vm.provision "ansible_local" do |ansible|
# ansible.config_file = "tests/ansible.cfg"
ansible.playbook = "tests/test.yml"
ansible.install = true
end
end

5
tasks/install.yml
View file

@ -61,7 +61,7 @@
{{ __sshd_verify_hostkeys_default | to_json }} {{ __sshd_verify_hostkeys_default | to_json }}
{% endif %} {% endif %}
{% elif __sshd_hostkeys_from_config | from_json is string %} {% elif __sshd_hostkeys_from_config | from_json is string %}
{{ [ __sshd_hostkeys_from_config | from_json ] | to_json }} {{ [__sshd_hostkeys_from_config | from_json] | to_json }}
{% else %} {% else %}
{{ __sshd_hostkeys_from_config }} {{ __sshd_hostkeys_from_config }}
{% endif %} {% endif %}
@ -70,7 +70,6 @@
{% endif %} {% endif %}
block: block:
- name: Make sure hostkeys are available - name: Make sure hostkeys are available
# noqa var-spacing
ansible.builtin.shell: | ansible.builtin.shell: |
set -eu set -eu
if set -o | grep pipefail 2>&1 /dev/null ; then if set -o | grep pipefail 2>&1 /dev/null ; then
@ -130,7 +129,7 @@
when: sshd_config_namespace is not none when: sshd_config_namespace is not none
rescue: rescue:
- name: re-raise the error - name: Re-raise the error
ansible.builtin.fail: ansible.builtin.fail:
msg: "{{ ansible_failed_result }}" msg: "{{ ansible_failed_result }}"
always: always:

4
tasks/install_service.yml
View file

@ -25,7 +25,7 @@
group: root group: root
mode: "0644" mode: "0644"
notify: reload_sshd notify: reload_sshd
when: sshd_install_service|bool when: sshd_install_service | bool
- name: Service enabled and running - name: Service enabled and running
ansible.builtin.service: ansible.builtin.service:
@ -39,7 +39,7 @@
# Due to ansible bug 21026, cannot use service module on RHEL 7 # Due to ansible bug 21026, cannot use service module on RHEL 7
- name: Enable service in chroot - name: Enable service in chroot
ansible.builtin.command: systemctl enable {{ sshd_service }} # noqa 303 ansible.builtin.command: systemctl enable {{ sshd_service }} # noqa command-instead-of-module
when: when:
- ansible_connection == 'chroot' - ansible_connection == 'chroot'
- ansible_os_family == 'RedHat' - ansible_os_family == 'RedHat'