docs: Update sshd vars references to sshd_config

2024-11-08 12:53:29 +01:00 · 2024-09-13 18:31:14 +01:00 · 2024-09-13 18:31:14 +01:00 · 82e6eb7a9e
commit 82e6eb7a9e
parent f961b0fc21
4 changed files with 12 additions and 9 deletions
--- a/README.md
+++ b/README.md
@ -130,17 +130,20 @@ NOTE: `sshd_manage_selinux` is limited to *adding* policy. It cannot be used
 for *removing* policy. If you want to remove ports, you will need to use the
 selinux system role directly.

-#### sshd
+#### sshd_config

 A dict containing configuration.  e.g.

 ```yaml
-sshd:
+sshd_config:
  Compression: delayed
  ListenAddress:
    - 0.0.0.0
 ```

+*Note*: This variable was previous called `sshd`. `sshd` is can still be used
+but is deprecated and will be removed in a future release.
+
 #### sshd_`<OptionName>`

 Simple variables can be used rather than a dict. Simple values override dict
@ -344,7 +347,7 @@ Use these variables to set the ownership and permissions for the Authorized Prin
 The SSH server needs this information stored in files so in addition to the above variables, respective configuration options `TrustedUserCAKeys` (mandatory) and `AuthorizedPrincipalsFile` (optional) need to be present the `sshd` dictionary when invoking the role. For example:

 ```yaml
-sshd:
+sshd_config:
  TrustedUserCAKeys: /etc/ssh/path-to-trusted-user-ca-keys/trusted-user-ca-keys.pub
  AuthorizedPrincipalsFile: "/etc/ssh/path-to-auth-principals/auth_principals/%u"
 ```
@ -370,7 +373,7 @@ provides. Running it will likely break your SSH access to the server!
 - hosts: all
  vars:
    sshd_skip_defaults: true
-    sshd:
+    sshd_config:
      Compression: true
      ListenAddress:
        - "0.0.0.0"
@ -413,7 +416,7 @@ for example:
      name: willshersystems.sshd
    vars:
      sshd_skip_defaults: true
-      sshd:
+      sshd_config:
        Compression: true
        ListenAddress:
          - "0.0.0.0"
@ -440,7 +443,7 @@ option:
      name: willshersystems.sshd
    vars:
      sshd_config_namespace: accept-env
-      sshd:
+      sshd_config:
        # there are some handy environment variables to accept
        AcceptEnv:
          LANG
--- a/examples/example-accept-env.yml
+++ b/examples/example-accept-env.yml
@ -7,7 +7,7 @@
        name: ansible-sshd
      vars:
        sshd_config_namespace: accept-env
-        sshd:
+        sshd_config:
          # there are some handy environment variables to accept
          AcceptEnv:
            LANG
--- a/examples/example-root-login.yml
+++ b/examples/example-root-login.yml
@ -6,7 +6,7 @@
      ansible.builtin.include_role:
        name: ansible-sshd
      vars:
-        sshd:
+        sshd_config:
          # root login and password login is enabled only from a particular subnet
          PermitRootLogin: false
          PasswordAuthentication: false
--- a/examples/example-use-certificates.yml
+++ b/examples/example-use-certificates.yml
@ -6,7 +6,7 @@
      ansible.builtin.include_role:
        name: ansible-sshd
      vars:
-        sshd:
+        sshd_config:
          # Disable password authentication, use SSH Certificates and configure authorized principals
          PasswordAuthentication: false
          TrustedUserCAKeys: /etc/ssh/trusted-user-ca-keys.pub