From bcd864fea4ff250716137465f36f7fdc6ee11ce5 Mon Sep 17 00:00:00 2001
From: jitakirin
Date: Thu, 25 Jun 2015 14:54:24 +0100
Subject: [PATCH 1/2] Add sshd_manage_service option
Allows disabling management of SSHd service completely, which is handy when used in a container (where ansible is usually used during build phase).
---
 README.md | 9 ++++++++-
 defaults/main.yml | 5 ++++-
 tasks/main.yml | 1 +
 3 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 04475ae..41452c8 100644
--- a/README.md
+++ b/README.md
@@ -48,11 +48,18 @@ If set to True, don't apply default values. This means that you must have a
 complete set of configuration defaults via either the sshd dict, or sshd_Key
 variables. Defaults to *False*.
+* sshd_manage_service
+
+If set to False, the service/daemon won't be touched at all, i.e. will not try
+to enable on boot or start or reload the service. Defaults to *True* unless
+running inside a docker container (it is assumed ansible is used during build
+phase).
+
 * sshd_allow_reload
 If set to False, a reload of sshd wont happen on change. This can help with
 troubleshooting. You'll need to manually reload sshd if you want to apply the
-changed configuration. Defaults to *True*.
+changed configuration. Defaults to the same value as ``sshd_manage_service``.
 * sshd
diff --git a/defaults/main.yml b/defaults/main.yml
index 27417d5..7621bcd 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -2,8 +2,11 @@
 ### USER OPTIONS
 # Don't apply OS defaults when set to true
 sshd_skip_defaults: false
+# If the below is false, don't manage the service or reload the SSH
+# daemon at all
+sshd_manage_service: "{{ False if ansible_virtualization_type == 'docker' else True }}"
 # If the below is false, don't reload the ssh deamon on change
-sshd_allow_reload: yes
+sshd_allow_reload: "{{ sshd_manage_service }}"
 # Empty dicts to avoid errors
 sshd: {}
diff --git a/tasks/main.yml b/tasks/main.yml
index 85eaf87..d3d12ea 100644
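Review bot: In defaults/main.yml the new `sshd_manage_service` default reads `ansible_virtualization_type` directly, so the expression fails with an undefined-variable error whenever the role runs with fact gathering disabled; `ansible_virtualization_type | default('')` would keep the role usable there. Because `sshd_allow_reload` now inherits the same value, a host detected as docker gets its sshd_config rewritten without any reload (assuming the reload handler, which is outside this patch, honours that variable), so a hardening change stays inactive on an already-running daemon until someone restarts it. A comment next to the default such as `# auto-disabled under docker: config changes are NOT applied to a running sshd` would make that visible to operators.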
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -39,6 +39,7 @@
 name: "{{ sshd_service }}"
 enabled: true
 state: running
+ when: sshd_manage_service
 tags:
 - sshd
From 951df8c65baf9413a7bb0838163a968fd1d65306 Mon Sep 17 00:00:00 2001
From: jitakirin
Date: Thu, 25 Jun 2015 15:13:10 +0100
Subject: [PATCH 2/2] Ensure run directory exists
This is usually also done in service scripts during startup but those aren't always used in containers. Doesn't hurt ensuring it here.
---
 tasks/main.yml | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/tasks/main.yml b/tasks/main.yml
index d3d12ea..0a60944 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -23,6 +23,14 @@
 tags:
 - sshd
+- name: Run directory
+ file:
+ path: /var/run/sshd
+ state: directory
+ mode: 0755
+ tags:
+ - sshd
+
 - name: Configuration
 template:
 src: sshd_config.j2
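Review bot: The added `when: sshd_manage_service` in the first tasks/main.yml hunk tests a value that comes from a templated default or from user input (`-e sshd_manage_service=false` arrives as a string), and depending on the Ansible version a non-empty string such as "False" can evaluate as true, so the service would still be enabled and started. Writing `when: sshd_manage_service | bool` makes the condition explicit regardless of how the value was supplied. The task this line belongs to starts above the hunk.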
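Review bot: The `Run directory` task pins only the mode of /var/run/sshd and leaves ownership to whatever already exists or to the user the play runs as; on Debian-family builds this is sshd's privilege-separation directory, which has to be owned by root and not be group- or world-writable, otherwise the daemon refuses to start. I would add `owner: root` and `group: root` and quote the mode as `mode: "0755"` so it is never read as a plain integer. The path is also hard-coded while the service name comes from `sshd_service`; whether other platforms supported by this role use a different directory is not visible in this patch and is worth checking.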