The option was introduced in 6bb0d7b456
without documentation and intended use. The recent change
f6ae2094fe propagated this option to the
generated service files, which is resulting in unexpected results, when
a user decided to set only `sshd_config_file` for the second sshd
service causing the service file points to the system-wide
configuration file.
This is an attempt to fix this by introducing some heuristics to guess
if the user wants to set up second drop-in directory (ending with .d)
or create a standalone configuration file.
Fixes: #280
* README: Fix double-the in documentation
* README: Consistently referer to the role name and not to repository name
* README: Improve wording
* Fix more typos
* ci: Add GH action to check for spelling mistakes
Specifics:
* Debian 12 has no longer the instantiated service using inet, see the
following commit:
0dc73888bb
* I am not matching the Description tag verbosely as I do not find it
crucial for functionality.
* We generate additional -f switch to the sshd CLI pointing go the main
sshd config we manage
* The Before=sshd.service in the socket is not generated as I find it
unnecessary when we conflict the service.
* Recent Ubuntu versions have RuntimeDirectoryPreserve option, which I
set for all Ubuntu/Debian as it should not hurt.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
The old ansible-community ansible-lint is deprecated. There is a
new ansible-lint github action.
The latest Ansible repo gating tests run ansible-lint against
the collection format instead of against individual roles.
We have to convert the role to collection format before running
ansible-test.
This also requires tox-lsr 3.2.1
Role developers can run this locally using
`tox -e collection,ansible-lint-collection`
See https://github.com/linux-system-roles/tox-lsr/pull/125
Fix ansible-lint and ansible-test issues reported by the
latest 2.16 versions.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
Feature: Allow running and testing the role with ostree managed nodes.
Reason: We have users who want to use the role to manage ostree
systems.
Result: Users can use the role to manage ostree managed nodes.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
I noticed some test failures in tests that check ownership/permissions
of config files. The tests were recently changed to reuse the same
VM, so I suspect config files were not being backed up/restored with
the correct file attributes. Use `cp -a` to preserve all file
attributes.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
* Role configured to accept SSH connection via SSH certificates
* Works with or without principals and ansible-lint updated
* add test for SSH certificates authentication with principals
* Add configuration to run tests for SSH certificates authentication with principals
* tasks to use SSH certificates grouped into one file
* Update README.md
* Remove badges from README.md prior to converting to HTML
* Replace Commitlint with PR Title Lint
* Lint all markdown files except for CHANGELOG.md not just README.md
* Use woke form from linux-system-roles
* markdownlint runs against README.md to avoid any issues with
converting it to HTML
* test_converting_readme converts README.md > HTML and uploads this test
artifact to ensure that conversion works fine
* build_docs converts README.md > HTML and pushes the result to the
docs branch to publish dosc to GitHub pages site
Use facts via ansible_facts only.
Made using:
git ls-files -z|grep -z yml|xargs -0r sed --follow-symlinks -Ei \
"s/ansible_(virtualization_type|os_family|distribution\w*)/ansible_facts['\1']/g"