Commit graph

37 commits

Author SHA1 Message Date
Jakub Jelen
e83cb52ded fix: Document and streamline the sshd_main_config_file
The option was introduced in 6bb0d7b456
without documentation and intended use. The recent change
f6ae2094fe propagated this option to the
generated service files, which is resulting in unexpected results, when
a user decided to set only `sshd_config_file` for the second sshd
service, causing the service file to point to the system-wide
configuration file.

This is an attempt to fix this by introducing some heuristics to guess
if the user wants to set up a second drop-in directory (ending with .d)
or create a standalone configuration file.

Fixes: #280
2024-04-05 09:29:10 +02:00
Jakub Jelen
039aa32606 feat: Add missing configuration options available in Match block
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2023-06-15 15:56:48 +02:00
Jakub Jelen
484da0584b feat: Add new options from OpenSSH 9.3
This version is now available in Alpine.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2023-06-15 15:56:48 +02:00
Jakub Jelen
a3065d070c Make sure the list options are correctly indented
Inspired by similar issue reported and fixed in ssh client role
https://github.com/linux-system-roles/ssh/pull/80/

This won't work in RHEL6 (not allowed AcceptEnv in match blocks) so just
skip it here.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2023-04-14 19:01:19 +02:00
Noriko Hosoi
3bc81d9f97 Fingerprint ansible-sshd managed config files
- Add repo and role name to the generated config files.
  # willshersystems:ansible-sshd

Signed-off-by: Noriko Hosoi <nhosoi@redhat.com>
2023-03-29 10:30:06 -07:00
Jakub Jelen
1c4197e341 Add configuration options from EL7 2022-09-27 22:32:57 +02:00
Jakub Jelen
ddb286111f Add missing configuration options from EL8 2022-09-27 22:32:57 +02:00
Jakub Jelen
1ae6284951 Add final version of RequiredRSASize
Keep the old version for backward compatibility

Upstream commit:
https://github.com/openssh/openssh-portable/commit/1875042c
2022-09-27 22:22:58 +02:00
Nikolaos Kakouros
6bb0d7b456 Makes drop-in functionality configurable by the user 2022-08-26 20:23:51 +00:00
Rich Megginson
67d2339f03 Ensure values are cast to correct type
https://github.com/willshersystems/ansible-sshd/issues/188
This shouldn't be necessary, but there seems no way to
guarantee using a version of Jinja which doesn't have this
problem.

In addition - it is not good practice to compare values to
`true` or `false` - instead, just ensure the value is a `bool`
type and evaluate in a boolean context.
2022-08-16 08:36:57 +02:00
Rich Megginson
1bc8395ea8 Add parameter RSAMinSize to Match blocks
This is a follow-on to https://github.com/willshersystems/ansible-sshd/pull/194
The previous PR added RSAMinSize as an option for the "body" of the
config file, but not for Match blocks.
2022-07-28 15:43:35 -06:00
Rich Megginson
6c0ff316af add parameter RSAMinSize
Add support for the new RSAMinSize parameter.
2022-07-21 15:35:57 -06:00
Jakub Jelen
9c202bd60e Verify the Include is in main configuration file
... if drop-in file is modified

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
295f1930d4 Update templates to apply FIPS hostkeys filter
This fixes up the commit 7f69d1e6

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
Sergei Petrosian
44a7d8fb20 Use {{ ansible_managed | comment }} to fix multi-line ansible_managed
BZ#2006230, BZ#2006231, BZ#2006233
2021-09-21 12:44:12 +02:00
Jakub Jelen
c4db22f16d Add configuration options from OpenSSH 8.6 2021-06-12 08:31:10 +02:00
Jakub Jelen
3e9d408015 Remove boolean comparison and regenerate templates 2021-06-01 16:09:23 +02:00
Jakub Jelen
e31592899c Allow listing match blocks in more natural manner 2020-10-08 18:11:00 +02:00
Jakub Jelen
b9fb457d2b Add missing configuration options from current OpenSSH 8.3p1 (Fedora 32)
Fixes #125
2020-09-14 18:30:20 +02:00
Matt Willsher
3c32998957 Remove duplicate GatewayPorts 2019-07-10 19:41:32 +01:00
Nikolaos Kakouros
f5c13ee90f Merge branch 'master' into systemd 2018-08-25 23:48:09 +02:00
Nikolaos Kakouros
5774f7f44f Adds ability to install a systemd service 2018-08-25 23:39:06 +02:00
Bob Vincent
3aa2d17876 Regenerate templates/sshd_config.j2 from meta files. 2018-08-17 11:54:45 -04:00
Tim Fletcher
4f0be6f5e7 Add StreamLocalBindUnlink option
This option removes existing Unix-domain socket files before they are
used for forwarding targets.

Need to support gpg-agent forwarding with systemd
2018-03-17 15:44:58 +01:00
Troy Fontaine
c6926634af Fixed sshd_match blocks 2017-04-06 20:37:21 -05:00
Matt Willsher
c42662efa9 Use @luto solution
Simple and just works!
2016-01-24 15:49:54 +00:00
Matt Willsher
03ce63e664 Conditionally set value = undefined to avoid trigger lvalue issue on CentOS 6 2016-01-24 12:37:58 +00:00
Matt Willsher
90992da436 Check that value is defined before calling render macro 2016-01-24 10:33:24 +00:00
Matt Willsher
125f8ae4f1 Add DebianBanner option 2015-07-23 18:30:03 +01:00
Matt Willsher
6da7bb1f55 Merge from develop changes 2015-01-04 12:51:40 +00:00
Matt Willsher
398a2f0b93 Remove empty lines, make match array or dict 2014-12-25 12:14:32 +00:00
Matt Willsher
b93f4c48db Add match support 2014-12-25 09:58:55 +00:00
Matt Willsher
b9261337be Ordering issues 2014-12-22 09:41:32 +00:00
Matt Willsher
26a0f5e350 Separate defaults dict 2014-12-22 09:25:31 +00:00
Matt Willsher
1b5200c805 Improve option rendering, allow per OS defaults 2014-12-21 22:23:02 +00:00
Matt Willsher
c561b6e5f7 Allow overrides, force sftp for Ansible 2014-12-21 20:29:13 +00:00
Matt Willsher
220a5cdb54 Initial commit 2014-12-18 22:12:51 +00:00