Rename sshd_namespace_append to sshd_config_namespace

This commit is contained in:
Jakub Jelen 2021-06-10 21:46:06 +02:00 committed by Jakub Jelen
parent 00ad695691
commit 8a85e7309b
6 changed files with 20 additions and 19 deletions

View file

@ -113,8 +113,8 @@ script:
&& (echo 'Backup test: pass' && exit 0)
|| (echo 'Backup test: fail' && exit 1)
# Test 13: Verify configuration append
# Test 13: Verify configuration namespace
- >
ANSIBLE_FORCE_COLOR=1 ansible-playbook -i tests/inventory tests/tests_namespace_append.yml --connection=local --become -v
&& (echo 'Append test: pass' && exit 0)
|| (echo 'Append test: fail' && exit 1)
ANSIBLE_FORCE_COLOR=1 ansible-playbook -i tests/inventory tests/tests_config_namespace.yml --connection=local --become -v
&& (echo 'Namespace test: pass' && exit 0)
|| (echo 'Namespace test: fail' && exit 1)

View file

@ -53,7 +53,7 @@ If set to *false*, the role will be completely disabled. Defaults to *true*.
If set to *true*, don't apply default values. This means that you must have a
complete set of configuration defaults via either the `sshd` dict, or
`sshd_Key` variables. Defaults to *false* unless `sshd_namespace_append` is
`sshd_Key` variables. Defaults to *false* unless `sshd_config_namespace` is
set.
* `sshd_manage_service`
@ -157,7 +157,7 @@ if the system does not have hardware random number generator.
The path where the openssh configuration produced by this role should be saved.
This is useful mostly when generating configuration snippets to Include.
* `sshd_namespace_append`
* `sshd_config_namespace`
By default (*null*), the role defines whole content of the configuration file
including system defaults. You can use this variable to invoke this role from
@ -302,7 +302,7 @@ for example:
X11Forwarding: yes
```
You can just append a configuration snippet with the `sshd_namespace_append`
You can just add a configuration snippet with the `sshd_config_namespace`
option:
```
---
@ -312,7 +312,7 @@ option:
include_role:
name: ansible-sshd
vars:
sshd_namespace_append: accept-env
sshd_config_namespace: accept-env
sshd:
# there are some handy environment variables to accept
AcceptEnv:
@ -320,7 +320,8 @@ option:
LS_COLORS
EDITOR
```
The following snippet will be appended to the default configuration file:
The following snippet will be added to the default configuration file
(if not yet present):
```
# BEGIN sshd system role managed block: namespace accept-env
Match all

View file

@ -65,9 +65,9 @@ sshd_hostkey_owner: "{{ __sshd_hostkey_owner }}"
sshd_hostkey_group: "{{ __sshd_hostkey_group }}"
sshd_hostkey_mode: "{{ __sshd_hostkey_mode }}"
# instead of replacing the whole configuration file, just append a specified
# instead of replacing the whole configuration file, just add a specified
# snippet
sshd_namespace_append: null
sshd_config_namespace: null
### These variables are used by role internals and should not be used.
__sshd_defaults: {}

View file

@ -5,7 +5,7 @@
include_role:
name: ansible-sshd
vars:
sshd_namespace_append: accept-env
sshd_config_namespace: accept-env
sshd:
# there are some handy environment variables to accept
AcceptEnv:

View file

@ -116,7 +116,7 @@
{% endif %}
backup: "{{ sshd_backup }}"
notify: reload_sshd
when: sshd_namespace_append is none
when: sshd_config_namespace is none
- name: Update configuration file snippet
vars:
@ -130,7 +130,7 @@
Match all
{{ lookup('template', 'sshd_config_snippet.j2') }}
create: yes
marker: "# {mark} sshd system role managed block: namespace {{ sshd_namespace_append }}"
marker: "# {mark} sshd system role managed block: namespace {{ sshd_config_namespace }}"
validate: >-
{% if sshd_test_hostkey is defined and sshd_test_hostkey.path is defined %}
{{ sshd_binary }} -t -f %s -h {{ sshd_test_hostkey.path }}/rsa_key
@ -139,7 +139,7 @@
{% endif %}
backup: "{{ sshd_backup }}"
notify: reload_sshd
when: sshd_namespace_append is not none
when: sshd_config_namespace is not none
rescue:
- name: re-raise the error

View file

@ -7,12 +7,12 @@
- name: "Backup configuration files"
include_tasks: tasks/backup.yml
- name: Append configuration block to default configuration file
- name: Add configuration block to default configuration file
include_role:
name: ansible-sshd
vars:
sshd_config_file: /etc/ssh/sshd_config
sshd_namespace_append: nm1
sshd_config_namespace: nm1
sshd:
AcceptEnv: EDITOR
PasswordAuthentication: yes
@ -20,12 +20,12 @@
Condition: user root
AllowAgentForwarding: no
- name: Append second configuration block to default configuration file
- name: Add second configuration block to default configuration file
include_role:
name: ansible-sshd
vars:
sshd_config_file: /etc/ssh/sshd_config
sshd_namespace_append: nm2
sshd_config_namespace: nm2
sshd:
AcceptEnv: LS_COLORS
PasswordAuthentication: no