Commit graph

587 commits

Author SHA1 Message Date
Jakub Jelen
c4db22f16d Add configuration options from OpenSSH 8.6 2021-06-12 08:31:10 +02:00
Jakub Jelen
d1446017e9 tests: Create temporary hostkey with proper backup 2021-06-11 21:49:31 +02:00
Jakub Jelen
b97a7b0bde Do not assume the hostkey for the main config exists 2021-06-11 21:49:31 +02:00
Jakub Jelen
8a85e7309b Rename sshd_namespace_append to sshd_config_namespace 2021-06-11 21:49:31 +02:00
Jakub Jelen
00ad695691 Move defaults to vars/main.yml 2021-06-10 19:53:00 +02:00
Jakub Jelen
eaa6f92a29 Move the adjusted configuration options to the public API 2021-06-10 19:53:00 +02:00
Jakub Jelen
2a1426453b Increase test coverage for sshd_config_{owner,group,mode} variables with both invocations 2021-06-10 19:53:00 +02:00
Jakub Jelen
e8b751335e Use proper variable precedence for configuratil file variables 2021-06-10 19:53:00 +02:00
Jakub Jelen
17022bb46d Test role invocation through old 'roles' 2021-06-10 19:53:00 +02:00
Jakub Jelen
345eeed0c0 Fix variable precedence for sshd_hostkey_* variables
This worked fine with the new include_role: invocation, but not with
the old roles: invocation.
2021-06-10 19:53:00 +02:00
Jakub Jelen
ad399343c9 Skip defaults when appending configuration 2021-06-01 16:09:23 +02:00
Jakub Jelen
a26ea56332 README: Reword the option description and provide example 2021-06-01 16:09:23 +02:00
Jakub Jelen
3cad473005 tests: Add negative test and context tests using regex 2021-06-01 16:09:23 +02:00
Jakub Jelen
3e9d408015 Remove boolean comparison and regenerate templates 2021-06-01 16:09:23 +02:00
Jakub Jelen
8e180cfb48 Add new identification for Github Actions virtualization platform 2021-06-01 16:09:23 +02:00
Jakub Jelen
380ebd21d9 Support for appending a snippet to configuration file 2021-06-01 16:09:23 +02:00
Jakub Jelen
fd22532d93 Update source template files used to generate final template 2021-06-01 16:09:23 +02:00
Noriko Hosoi
32f9d0dda5 Update meta data and README
Add 9 to EL and replace the versions of Fedora with all in
meta/main.yml. Update README.md based on the changes.
2021-05-05 19:41:31 +02:00
Matt Willsher
0bb56af2d4
Merge pull request #156 from nhosoi/RHELPLAN-73804
Fix issues found by linters - enable all tests on all repos - remove suppressions
2021-04-12 20:01:18 +01:00
Noriko Hosoi
fe0146b8a0 Fixing issues found by @jakure in his reviews. 2021-04-10 09:11:13 -07:00
Noriko Hosoi
6887864d2c Fix issues found by linters - enable all tests on all repos - remove suppressions
Cleaning up yamllint errors.
  - Use .yamllint.yml and .yamllint_defaults.yml instead of
    .yamllint.yaml.
  - Fix the invalid indentations.

Cleaning up ansible-lint errors.
  - Add "name" to every task.
  - Use command rather than shell
  - Add "changed_when: false".
  - Use '|' instead of '>' for the shell module.
  - Fix '/bin/sh: line 3: CRYPTO_POLICY: unbound variable'.
  - Add "set -eu" and "set -o pipefail" if pipefail is available.
    Note: "pipefail" is not available in "sh" and "dash".
  - Add "- '306'  # Shells that use pipes should set the pipefail option"
    to .ansible-lint since ansible-lint does not recognize it if it's set
    in "if set -o | grep pipefail".

RHELPLAN-73804
2021-04-09 10:27:42 -07:00
Alexander Christoph Bihlmaier
428d390668 UsePrivilegeSeparation is deprecated since 2017/OpenSSH 7.5 - https://www.openssh.com/txt/release-7.5 2021-02-17 13:58:25 +01:00
Michael Pardatscher
b2a48a4e4a Add Subsystem to _ssd_defaults
The Subsystem entry was missing for FreeBSD OS, noticed this while provisioning a TrueNAS box. After the first provision ansible was unable to upload any files due to that missing setting. Tested this change by adjusting the role locally and rerunning it with a clean sshd_config on the remote side, worked fine.
2021-02-17 13:48:07 +01:00
Jakub Jelen
032054b478 README: Document missing exported variable 2021-02-17 13:47:30 +01:00
Jakub Jelen
9fba3f5794 README: Fix typo 2021-02-16 20:05:57 +01:00
Jakub Jelen
3cde4cf4ef README: Reference examples directory 2021-02-16 20:05:57 +01:00
Jakub Jelen
c6f1b3b9ea examples: Provide simple example playbook 2021-02-16 20:05:57 +01:00
Matt Willsher
30ac352a24
Merge pull request #155 from richm/ansible28-jinja27 2021-02-16 16:53:17 +00:00
Rich Megginson
bb612fb6c5 use state: absent instead of state: missing 2021-01-28 15:56:14 -07:00
Matt Willsher
e1de59b3c5
Merge pull request #147 from Jakuje/tests
Improve test coverage with new test cases and new distros, fixing minor issues on the way
2020-12-11 18:21:54 +00:00
Jakub Jelen
d46e5eb226 tests: Use valid option in Match blocks in RHEL6 2020-12-11 13:25:19 +01:00
Jakub Jelen
fd144194e6 tests: Do not use ed25519 keys as they are not available in RHEL6 2020-12-11 13:25:19 +01:00
Jakub Jelen
70a9daf916 Use only RSA hostkeys in RHEL6 2020-12-11 13:25:19 +01:00
Jakub Jelen
4b0935c9a1 RHEL6: Fix defaults 2020-12-11 13:25:19 +01:00
Jakub Jelen
f1aa17930a tests: Do not use gcm ciphers as they are not available in RHEL6 2020-12-11 13:25:19 +01:00
Jakub Jelen
e92a98a97f tests: Improve testing of the sysconfig with more real example 2020-12-11 13:25:19 +01:00
Jakub Jelen
45bf0180fe tests: Verify backup files are created and can be disabled 2020-12-11 13:25:19 +01:00
Jakub Jelen
497db39466 tests: Move setup tasks to separate file 2020-12-11 13:25:19 +01:00
Jakub Jelen
9b234acbd7 Remove non-default values from Debian 9 vars file 2020-12-11 13:25:19 +01:00
Jakub Jelen
c9015f37c3 variables: Use more specific vars file first 2020-12-11 13:25:19 +01:00
Jakub Jelen
ed4e968f66 Debian: Remove default values and drop what does not match system defaults 2020-12-11 13:25:19 +01:00
Jakub Jelen
86495969dc tests: Skip hostkey test in Debian and RHEL6 as it is missing 2020-12-11 13:25:19 +01:00
Jakub Jelen
425400d521 Do not attempt to create and verify sysconfig on unrelated systems 2020-12-11 13:25:19 +01:00
Jakub Jelen
48dc56b2d2 Recognize podman container runtime and ignore services there 2020-12-11 13:25:19 +01:00
Jakub Jelen
a15ad61af5 Add Ubuntu and Debian test using Github Actions 2020-12-11 13:25:19 +01:00
Jakub Jelen
6b36488299 Check runtime directory for running CI in Debian and Ubuntu 2020-12-11 13:25:19 +01:00
Jakub Jelen
51be56b57a README: Clarify semantics of match blocks 2020-12-11 13:25:19 +01:00
Jakub Jelen
acb56267a1 tests: Verify variable precedence is correctly applied 2020-12-11 13:25:19 +01:00
Jakub Jelen
156373262c tests: Test match can accept dict directly 2020-12-11 13:25:19 +01:00
Jakub Jelen
f12b322aae Accept single hostkey as a string too 2020-12-11 13:25:19 +01:00