libretic/ansible-sshd
6
0
Fork 0
mirror of https://github.com/willshersystems/ansible-sshd synced 2024-11-09 21:23:29 +01:00
Code Issues Projects Releases Packages Wiki Activity

Add support for RHEL 9 and adjust tests for it

Browse source
This commit is contained in:
Jakub Jelen 2021-08-03 10:09:13 +02:00 committed by Jakub Jelen
parent c4db22f16d
commit ee2096d680
11 changed files with 39 additions and 64 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
tests/tasks/setup.yml
View file

@ -13,3 +13,19 @@
mode: "0755"
when:
- ansible_facts['os_family'] == 'Debian'
- name: Define common variables
set_fact:
main_sshd_config: /etc/ssh/sshd_config
main_sshd_config_name: sshd_config
main_sshd_config_path: /etc/ssh/
- name: Define specific variables
set_fact:
main_sshd_config: /etc/ssh/sshd_config.d/00-ansible_system_role.conf
main_sshd_config_name: 00-ansible_system_role.conf
main_sshd_config_path: /etc/ssh/sshd_config.d/
when: >
ansible_facts['distribution'] == 'Fedora' or
(ansible_facts['distribution'] == 'RedHat' and
ansible_facts['distribution_major_version']|int > 8)

7
tests/tests_alternative_file.yml
View file

@ -60,13 +60,6 @@
sshd_PasswordAuthentication: no
- name: Verify the options are correctly set
vars:
main_sshd_config: >-
{{
"/etc/ssh/sshd_config.d/00-ansible_system_role.conf"
if ansible_facts['distribution'] == 'Fedora'
else "/etc/ssh/sshd_config"
}}
block:
- meta: flush_handlers

10
tests/tests_alternative_file_role.yml
View file

@ -72,14 +72,10 @@
- /etc/ssh/sshd_config_custom
- /etc/ssh/sshd_config_custom_second
tasks:
- name: Setup variables
include_tasks: tasks/setup.yml
- name: Verify the options are correctly set
vars:
main_sshd_config: >-
{{
"/etc/ssh/sshd_config.d/00-ansible_system_role.conf"
if ansible_facts['distribution'] == 'Fedora'
else "/etc/ssh/sshd_config"
}}
block:
- meta: flush_handlers

18
tests/tests_backup.yml
View file

@ -4,18 +4,6 @@
__sshd_test_backup_files:
- /etc/ssh/sshd_config
- /etc/ssh/sshd_config.d/00-ansible_system_role.conf
main_sshd_config: >-
{{
"00-ansible_system_role.conf"
if ansible_facts['distribution'] == 'Fedora'
else "sshd_config"
}}
main_sshd_config_path: >-
{{
"/etc/ssh/sshd_config.d/"
if ansible_facts['distribution'] == 'Fedora'
else "/etc/ssh/"
}}
tasks:
- name: Backup configuration files
include_tasks: tasks/backup.yml
@ -23,7 +11,7 @@
- name: Find old backups files
find:
paths: "{{ main_sshd_config_path }}"
patterns: "{{ main_sshd_config }}.*@*~"
patterns: "{{ main_sshd_config_name }}.*@*~"
register: backup_files
- name: Remove old backup files
@ -41,7 +29,7 @@
- name: Find new backups files
find:
paths: "{{ main_sshd_config_path }}"
patterns: "{{ main_sshd_config }}.*@*~"
patterns: "{{ main_sshd_config_name }}.*@*~"
register: no_backup
- name: Configure sshd again with different configuration and with backup
@ -54,7 +42,7 @@
- name: Find new backups files
find:
paths: "{{ main_sshd_config_path }}"
patterns: "{{ main_sshd_config }}.*@*~"
patterns: "{{ main_sshd_config_name }}.*@*~"
register: new_backup
- name: Verify the backup was not done in the first attempt, but in the second one

7
tests/tests_hostkeys.yml
View file

@ -39,13 +39,6 @@
- /tmp/ssh_host_rsa_key2
- name: Verify the options are correctly set
vars:
main_sshd_config: >-
{{
"/etc/ssh/sshd_config.d/00-ansible_system_role.conf"
if ansible_facts['distribution'] == 'Fedora'
else "/etc/ssh/sshd_config"
}}
block:
- meta: flush_handlers

10
tests/tests_hostkeys_role.yml
View file

@ -46,14 +46,10 @@
- /etc/ssh/sshd_config.d/00-ansible_system_role.conf
- /tmp/ssh_host_rsa_key2
tasks:
- name: Setup variables
include_tasks: tasks/setup.yml
- name: Verify the options are correctly set
vars:
main_sshd_config: >-
{{
"/etc/ssh/sshd_config.d/00-ansible_system_role.conf"
if ansible_facts['distribution'] == 'Fedora'
else "/etc/ssh/sshd_config"
}}
block:
- meta: flush_handlers

7
tests/tests_match.yml
View file

@ -34,13 +34,6 @@
AllowTcpForwarding: yes
- name: Verify the options are correctly set
vars:
main_sshd_config: >-
{{
"/etc/ssh/sshd_config.d/00-ansible_system_role.conf"
if ansible_facts['distribution'] == 'Fedora'
else "/etc/ssh/sshd_config"
}}
block:
- meta: flush_handlers

7
tests/tests_match_iterate.yml
View file

@ -32,13 +32,6 @@
AllowTcpForwarding: yes
- name: Verify the options are correctly set
vars:
main_sshd_config: >-
{{
"/etc/ssh/sshd_config.d/00-ansible_system_role.conf"
if ansible_facts['distribution'] == 'Fedora'
else "/etc/ssh/sshd_config"
}}
block:
- meta: flush_handlers

7
tests/tests_precedence.yml
View file

@ -27,13 +27,6 @@
sshd_HostKey: /tmp/ssh_host_rsa_key
- name: Verify the options are correctly set
vars:
main_sshd_config: >-
{{
"/etc/ssh/sshd_config.d/00-ansible_system_role.conf"
if ansible_facts['distribution'] == 'Fedora'
else "/etc/ssh/sshd_config"
}}
block:
- meta: flush_handlers

1
tests/tests_sysconfig.yml
View file

@ -77,6 +77,7 @@
when:
- ansible_facts['os_family'] == "RedHat"
- ansible_facts['distribution'] != 'Fedora'
- ansible_facts['distribution_major_version']|int < 9
- name: "Restore configuration files"
include_tasks: tasks/restore.yml

13
vars/RedHat_9.yml Normal file
View file

@ -0,0 +1,13 @@
---
sshd_packages:
- openssh
- openssh-server
sshd_sftp_server: /usr/libexec/openssh/sftp-server
# RHEL 9 ships with drop-in directory support so we touch
# just included file with highest priority by default and have
# empty defaults
__sshd_config_file: /etc/ssh/sshd_config.d/00-ansible_system_role.conf
__sshd_defaults:
__sshd_os_supported: yes
__sshd_hostkey_group: ssh_keys
__sshd_hostkey_mode: "0640"