diff --git a/.github/workflows/ansible-lint.yml b/.github/workflows/ansible-lint.yml index 09621d7..abf36bb 100644 --- a/.github/workflows/ansible-lint.yml +++ b/.github/workflows/ansible-lint.yml @@ -6,33 +6,33 @@ jobs: test-ansible28: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - name: Lint Ansible Playbook - uses: ansible/ansible-lint-action@master - with: - targets: "tests/test.yml" - override-deps: | - ansible==2.8 - args: "" + - uses: actions/checkout@v2 + - name: Lint Ansible Playbook + uses: ansible/ansible-lint-action@master + with: + targets: "tests/test.yml" + override-deps: | + ansible==2.8 + args: "" test-ansible29: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - name: Lint Ansible Playbook - uses: ansible/ansible-lint-action@master - with: - targets: "tests/test.yml" - override-deps: | - ansible==2.9 - args: "" + - uses: actions/checkout@v2 + - name: Lint Ansible Playbook + uses: ansible/ansible-lint-action@master + with: + targets: "tests/test.yml" + override-deps: | + ansible==2.9 + args: "" test-ansible210: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - name: Lint Ansible Playbook - uses: ansible/ansible-lint-action@master - with: - targets: "tests/test.yml" - override-deps: | - ansible==2.10 - args: "" + - uses: actions/checkout@v2 + - name: Lint Ansible Playbook + uses: ansible/ansible-lint-action@master + with: + targets: "tests/test.yml" + override-deps: | + ansible==2.10 + args: "" diff --git a/handlers/main.yml b/handlers/main.yml index dab5dfb..5d90a93 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -11,7 +11,7 @@ - ansible_os_family != 'AIX' listen: reload_sshd -# sshd on AIX cannot be 'reloaded', it must be Stopped+Started. +# sshd on AIX cannot be 'reloaded', it must be Stopped+Started. # It's dangerous to do this in two tasks.. you're stopping SSH and then trying to SSH back in to start it. # Instead, use a dirty shell script: # https://www.ibm.com/developerworks/community/blogs/brian/entry/scripting_the_stop_and_restart_of_src_controlled_processes_on_aix6 diff --git a/meta/main.yml b/meta/main.yml index edc1937..9a9e480 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -6,50 +6,50 @@ galaxy_info: license: LGPLv3 min_ansible_version: 2.8 platforms: - - name: Debian - versions: - - wheezy - - jessie - - stretch - - buster - - name: Ubuntu - versions: - - precise - - trusty - - xenial - - bionic - - focal - - name: FreeBSD - version: - - 10.1 - - name: EL - versions: - - 6 - - 7 - - 8 - - name: Fedora - versions: - - 22 - - 23 - - name: OpenBSD - versions: - - 6.0 - - name: AIX - versions: - - 7.1 - - 7.2 + - name: Debian + versions: + - wheezy + - jessie + - stretch + - buster + - name: Ubuntu + versions: + - precise + - trusty + - xenial + - bionic + - focal + - name: FreeBSD + version: + - 10.1 + - name: EL + versions: + - 6 + - 7 + - 8 + - name: Fedora + versions: + - 22 + - 23 + - name: OpenBSD + versions: + - 6.0 + - name: AIX + versions: + - 7.1 + - 7.2 galaxy_tags: - - networking - - system - - ssh - - openssh - - sshd - - server - - ubuntu - - debian - - centos - - redhat - - freebsd - - openbsd - - aix + - networking + - system + - ssh + - openssh + - sshd + - server + - ubuntu + - debian + - centos + - redhat + - freebsd + - openbsd + - aix dependencies: [] diff --git a/tasks/install.yml b/tasks/install.yml index c79f8b0..99b6f88 100644 --- a/tasks/install.yml +++ b/tasks/install.yml @@ -1,7 +1,7 @@ --- - name: OS is supported meta: end_host - when: + when: - not __sshd_os_supported|bool - name: Install ssh packages diff --git a/vars/AIX.yml b/vars/AIX.yml index c6c2637..705fe37 100644 --- a/vars/AIX.yml +++ b/vars/AIX.yml @@ -1,6 +1,8 @@ --- __sshd_config_mode: '0644' -__sshd_packages: [ ] # sshd is not installed by yum / AIX toolbox for Linux. You'll need to manually install them using AIX Web Download Packs. +# sshd is not installed by yum / AIX toolbox for Linux. +# You'll need to manually install them using AIX Web Download Packs. +__sshd_packages: [] __sshd_sftp_server: /usr/sbin/sftp-server __sshd_config_group: system __sshd_defaults: diff --git a/vars/Debian_10.yml b/vars/Debian_10.yml index 1ce1d22..ef6b7ca 100644 --- a/vars/Debian_10.yml +++ b/vars/Debian_10.yml @@ -10,7 +10,7 @@ __sshd_defaults: HostKey: - /etc/ssh/ssh_host_rsa_key - /etc/ssh/ssh_host_ed25519_key - HostKeyAlgorithms: ssh-ed25519,ecdsa-sha2-nistp256,ssh-rsa,ssh-ed25519-cert-v01@openssh.com + HostKeyAlgorithms: ssh-ed25519,ecdsa-sha2-nistp256,ssh-rsa,ssh-ed25519-cert-v01@openssh.com KexAlgorithms: curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha256 MACs: umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com SyslogFacility: AUTH diff --git a/vars/RedHat_7.yml b/vars/RedHat_7.yml index d88a56a..553313f 100644 --- a/vars/RedHat_7.yml +++ b/vars/RedHat_7.yml @@ -14,8 +14,8 @@ __sshd_defaults: ChallengeResponseAuthentication: no GSSAPIAuthentication: yes GSSAPICleanupCredentials: yes -# Note that UsePAM: no is not supported under RHEL/CentOS. See -# https://github.com/willshersystems/ansible-sshd/pull/51#issuecomment-287333218 + # Note that UsePAM: no is not supported under RHEL/CentOS. See + # https://github.com/willshersystems/ansible-sshd/pull/51#issuecomment-287333218 UsePAM: yes X11Forwarding: yes UsePrivilegeSeparation: sandbox diff --git a/vars/RedHat_8.yml b/vars/RedHat_8.yml index e4c65bf..e89b11d 100644 --- a/vars/RedHat_8.yml +++ b/vars/RedHat_8.yml @@ -14,8 +14,8 @@ __sshd_defaults: ChallengeResponseAuthentication: no GSSAPIAuthentication: yes GSSAPICleanupCredentials: no -# Note that UsePAM: no is not supported under RHEL/CentOS. See -# https://github.com/willshersystems/ansible-sshd/pull/51#issuecomment-287333218 + # Note that UsePAM: no is not supported under RHEL/CentOS. See + # https://github.com/willshersystems/ansible-sshd/pull/51#issuecomment-287333218 UsePAM: yes X11Forwarding: yes PrintMotd: no