Commit graph

589 commits

Author SHA1 Message Date
Martin Verges
1cbfc4e272 on debian10 securely configure SSH by default
verified configuration with 'ssh-audit'
removed controversial keys
removed insecure macs,keys,ciphers

tested on Debian 10 Buster
2019-10-24 13:44:43 +02:00
Martin Verges
59314077b9 add debian 10 (buster) support 2019-10-23 15:52:21 +02:00
Alexander Christoph Bihlmaier
cca93d5c6d variable ansible_distribution_major_version is not present on OpenBSD
and throws an error because it can't resolve it
2019-10-18 18:06:04 +02:00
Tiziano Müller
90b19f3b7c vars: add config for RedHat/CentOS 8
besides dropping the deprecated Sandbox option, set
`GSSAPICleanupCredentials no` since that's what I have on a fresh
installation of CentOS 8.
2019-10-14 14:48:06 +02:00
Tiziano Müller
6be10a2d17 vars: add config for openSUSE Leap 15 2019-10-14 14:45:08 +02:00
Alexander Christoph Bihlmaier
63095094fc extending yaml file lookup with "ansible_distribution_version" 2019-10-03 15:07:16 +02:00
thalunil
9fedd23cf0 * OpenBSD 6.5 no longer provides ansible fact "ansible_distribution_major_version" therefore it it set to "ansible_distribution_version".
* ansible fact ansible_distribution_lts_version only makes sense on Ubuntu so set it only on Ubuntu -> otherwise "ansible_distribution_version"
2019-09-30 19:57:15 +02:00
Matt Willsher
454bcb828f
Merge pull request #113 from willshersystems/feature/duplicate-gatewayports
Remove duplicate GatewayPorts
2019-07-10 19:47:27 +01:00
Matt Willsher
3c32998957 Remove duplicate GatewayPorts 2019-07-10 19:41:32 +01:00
Matt Willsher
a9354934ee
Merge pull request #112 from d-little/aix-support
AIX support (including new AIX handler)
2019-07-10 19:35:34 +01:00
Matt Willsher
003480d7b6
Merge pull request #92 from nkakouros-forks/syntax
Updates syntax to Ansible 2.7 era
2019-07-10 19:32:29 +01:00
David Little
553344e9b6 Update galaxy meta 2019-07-10 13:31:25 -05:00
David Little
b5585b81f3 Newline at EOF 2019-07-10 13:05:19 -05:00
David Little
53a89b677e AIX support for role (including new AIX handler) 2019-07-10 12:07:07 -05:00
Nikolaos Kakouros
b81977c659 Merge branch 'master' into syntax 2019-06-04 11:48:02 +02:00
Matt Willsher
a6652594ba
Merge pull request #110 from willshersystems/travis_fixes
Travis fixes
2019-05-23 20:42:56 +01:00
Matt Willsher
3f7db475ce Add bool to handler 2019-05-23 20:38:31 +01:00
Matt Willsher
7b5e905a20 Use become not sudo 2019-05-23 20:34:28 +01:00
Matt Willsher
a141241d1a
Merge pull request #109 from yurihs/master
Resolve lint errors
2019-05-23 20:28:35 +01:00
yurihs
efc868edc2 Ignore ansible-lint E303, usage of systemctl command is unavoidable 2019-05-23 14:50:24 -03:00
yurihs
53218db597 Use bool filter instead of bare variables or comparison to literal True (ansible-lint E601, ansible/ansible#51030) 2019-05-23 14:50:24 -03:00
yurihs
775264a8b8 Make tags lowercase (ansible-lint E702) 2019-05-23 14:32:21 -03:00
yurihs
43d65fb63a Add names to all tasks (ansible-lint E502) 2019-05-23 14:31:30 -03:00
Matt Willsher
7f6344b508
Merge pull request #106 from BenGig/master
Backup of sshd_config dependent on variable
2019-04-29 17:51:18 +01:00
Matt Willsher
95964bda34
Merge pull request #107 from kpfleming/patch-1
Remove 'UsePrivilegeSeparation' from Fedora defaults
2019-04-29 17:50:42 +01:00
Kevin P. Fleming
e000716443
Remove 'UsePrivilegeSeparation' from Fedora defaults
This option has been deprecated in OpenSSH for nearly two years, was the default for five years before that, and is not part of the current Fedora default configuration. It should not be included in sshd_config on Fedora systems.
2019-04-28 21:12:06 -04:00
BenGig
7a84821b8f
Backup of sshd_config dependent on variable
Propagates setting sshd_backup to template installation task
2019-03-22 11:51:39 +01:00
Matt Willsher
a84bc84c22
Merge pull request #104 from pillarsdotnet/fix-vars
Fix variable loading.
2019-03-03 09:31:07 +00:00
Robert A Vincent II
4a0f7d935a Specify search path for os vars; support odd-numbered Ubuntu releases. 2019-02-25 16:10:34 -05:00
Matt Willsher
81bd585e8f
Merge pull request #103 from mfredholm/patch-1: Ubuntu 18 defaults
Remove deprecated options for Ubuntu 18
2019-02-20 21:17:24 +00:00
mfredholm
a3ca915dbd
Update Ubuntu_18.yml
Minimal vars using defaults.
2019-01-31 10:33:01 +01:00
mfredholm
03172b3c07
Remove deprecated options 2019-01-28 13:30:19 +01:00
Matt Willsher
6f43191418
Merge pull request #95 from AaltoScienceIT/chroot
Make role work with chroot connections on EL 7.
2018-09-22 19:14:28 +01:00
Janne Blomqvist
d438f096a7 Make role work with chroot connections on EL 7.
For chroot connection (e.g. when building images instead of working on
live hosts) one cannot restart services etc.

Also due to Ansible bug 21026 one must run systemctl instead of using
the service module, limiting support to EL 7 for the time being.
2018-09-11 16:10:58 +03:00
Matt Willsher
5d6262a474
Merge pull request #93 from tterranigma/service_fix
Fixes bad option in systemd service file
2018-09-11 07:08:57 +01:00
Nikolaos Kakouros
d3d04cfdd7 Fixes bad option in systemd service file 2018-09-11 00:21:01 +02:00
Matt Willsher
96992e1a5d
Merge pull request #91 from tterranigma/onoff
Adds on/off toggle
2018-09-08 09:49:33 +01:00
Nikolaos Kakouros
da2c91d93a Adds forgotten conditional 2018-09-08 10:46:57 +02:00
Nikolaos Kakouros
10f94a1f05 Updates syntax to Ansible 2.7 era 2018-09-08 10:13:51 +02:00
Nikolaos Kakouros
a6a21a9565 Adds on/off toggle 2018-09-08 09:14:39 +02:00
Matt Willsher
b431459b45
Merge pull request #89 from tterranigma/systemd
Adds ability to install a systemd service
2018-09-07 20:09:42 +01:00
Nikolaos Kakouros
1c511219bf Updates README 2018-09-07 01:36:35 +02:00
Nikolaos Kakouros
133543cc1f Renames variables for all supported platforms 2018-09-03 00:23:58 +02:00
Nikolaos Kakouros
54715f9456 Fixes Ubuntu vars 2018-08-26 00:06:42 +02:00
Nikolaos Kakouros
f5c13ee90f Merge branch 'master' into systemd 2018-08-25 23:48:09 +02:00
Nikolaos Kakouros
5774f7f44f Adds ability to install a systemd service 2018-08-25 23:39:06 +02:00
Matt Willsher
9575d16dd4
Merge pull request #87 from pillarsdotnet/add-missing-options
Add missing sshd options, improve CI tests
2018-08-17 17:53:08 +01:00
Bob Vincent
3aa2d17876 Regenerate templates/sshd_config.j2 from meta files. 2018-08-17 11:54:45 -04:00
Bob Vincent
c52053b53e Add missing options_match entries. 2018-08-17 11:54:45 -04:00
Bob Vincent
9378cbd7cf Add missing options_body entries. 2018-08-17 11:54:45 -04:00