mirror of
https://github.com/willshersystems/ansible-sshd
synced 2024-12-26 18:30:18 +01:00
fix: add support for EL10
According to the Ansible team, support for listing platforms in role `meta/main.yml` files is being removed. Instead, they recommend using `galaxy_tags` https://github.com/ansible/ansible/blob/stable-2.17/changelogs/CHANGELOG-v2.17.rst "Remove the galaxy_info field platforms from the role templates" https://github.com/ansible/ansible/issues/82453 For each version listed under `platforms.EL` - add a tag like `elN`. Q: Why not use a delimiter between the platform and the version e.g. `el-10`? This is not allowed by ansible-lint: ``` meta-no-tags: Tags must contain lowercase letters and digits only., invalid: 'el-10' meta/main.yml:1 ``` So we cannot use uppercase letters either. Q: Why not use our own meta/main.yml field? No other fields are allowed by ansible-lint: ``` syntax-check[specific]: 'myfield' is not a valid attribute for a RoleMetadata ``` Q: Why not use some other field? There are no other applicable or suitable fields. Q: What happens when we want to support versions like `N.M`? Use the word "dot" instead of "." e.g. `el10dot3`. Similarly - use "dash" instead of "-". We do not need tags such as `fedoraall`. The `fedora` tag implies that the role works on all supported versions of fedora. Otherwise, use tags such as `fedora40` if the role only supports specific versions. In addition - for roles that have different variable files for EL9, create the corresponding EL10 files, and update the variables for EL10. Signed-off-by: Rich Megginson <rmeggins@redhat.com>
This commit is contained in:
parent
0011d61c37
commit
b5b3933072
9 changed files with 47 additions and 9 deletions
1
.ostree/packages-runtime-CentOS-10.txt
Symbolic link
1
.ostree/packages-runtime-CentOS-10.txt
Symbolic link
|
@ -0,0 +1 @@
|
|||
packages-runtime-RedHat-10.txt
|
|
@ -1,2 +0,0 @@
|
|||
openssh
|
||||
openssh-server
|
1
.ostree/packages-runtime-CentOS-6.txt
Symbolic link
1
.ostree/packages-runtime-CentOS-6.txt
Symbolic link
|
@ -0,0 +1 @@
|
|||
packages-runtime-RedHat-6.txt
|
|
@ -1,2 +0,0 @@
|
|||
openssh
|
||||
openssh-server
|
1
.ostree/packages-runtime-CentOS-7.txt
Symbolic link
1
.ostree/packages-runtime-CentOS-7.txt
Symbolic link
|
@ -0,0 +1 @@
|
|||
packages-runtime-RedHat-7.txt
|
|
@ -1,2 +0,0 @@
|
|||
openssh
|
||||
openssh-server
|
1
.ostree/packages-runtime-CentOS-8.txt
Symbolic link
1
.ostree/packages-runtime-CentOS-8.txt
Symbolic link
|
@ -0,0 +1 @@
|
|||
packages-runtime-RedHat-8.txt
|
|
@ -1,2 +0,0 @@
|
|||
openssh
|
||||
openssh-server
|
1
.ostree/packages-runtime-CentOS-9.txt
Symbolic link
1
.ostree/packages-runtime-CentOS-9.txt
Symbolic link
|
@ -0,0 +1 @@
|
|||
packages-runtime-RedHat-9.txt
|
2
.ostree/packages-runtime-RedHat-10.txt
Normal file
2
.ostree/packages-runtime-RedHat-10.txt
Normal file
|
@ -0,0 +1,2 @@
|
|||
openssh
|
||||
openssh-server
|
|
@ -1 +0,0 @@
|
|||
man-db
|
1
.ostree/packages-testing-CentOS.txt
Symbolic link
1
.ostree/packages-testing-CentOS.txt
Symbolic link
|
@ -0,0 +1 @@
|
|||
packages-testing-RedHat.txt
|
|
@ -58,7 +58,13 @@ galaxy_info:
|
|||
- debian
|
||||
- centos
|
||||
- redhat
|
||||
- fedora
|
||||
- freebsd
|
||||
- openbsd
|
||||
- aix
|
||||
- el6
|
||||
- el7
|
||||
- el8
|
||||
- el9
|
||||
- el10
|
||||
dependencies: []
|
||||
|
|
33
vars/RedHat_10.yml
Normal file
33
vars/RedHat_10.yml
Normal file
|
@ -0,0 +1,33 @@
|
|||
---
|
||||
__sshd_os_supported: true
|
||||
|
||||
__sshd_packages:
|
||||
- openssh
|
||||
- openssh-server
|
||||
__sshd_sftp_server: /usr/libexec/openssh/sftp-server
|
||||
# RHEL 10 ships with drop-in directory support so we touch
|
||||
# just included file with highest priority by default
|
||||
__sshd_config_file: /etc/ssh/sshd_config.d/00-ansible_system_role.conf
|
||||
# the defaults here represent the defaults shipped in the main sshd_config
|
||||
__sshd_defaults:
|
||||
Include: /etc/ssh/sshd_config.d/*.conf
|
||||
AuthorizedKeysFile: .ssh/authorized_keys
|
||||
Subsystem: "sftp {{ __sshd_sftp_server }}"
|
||||
|
||||
__sshd_verify_hostkeys_default:
|
||||
- /etc/ssh/ssh_host_rsa_key
|
||||
- /etc/ssh/ssh_host_ecdsa_key
|
||||
- /etc/ssh/ssh_host_ed25519_key
|
||||
__sshd_hostkeys_nofips:
|
||||
- /etc/ssh/ssh_host_ed25519_key
|
||||
|
||||
__sshd_drop_in_dir_mode: '0700'
|
||||
__sshd_main_config_file: /etc/ssh/sshd_config
|
||||
|
||||
__sshd_environment_file: /etc/sysconfig/sshd
|
||||
__sshd_environment_variable: $OPTIONS
|
||||
__sshd_service_after: sshd-keygen.target
|
||||
__sshd_service_wants:
|
||||
- sshd-keygen.target
|
||||
- ssh-host-keys-migration.service
|
||||
__sshd_service_restart_timeout: 42s
|
Loading…
Reference in a new issue