Jakub Jelen
dd820d1c24
Implement hostkey checks
...
This is useful during provisioning, when the keys were not generated
by sshd-keygen service or similar principles depending on operating
system.
This is also helpful when running this role in containers, where
is no service running either.
The keys are generally readable only by root, but in RHEL and Fedora,
they are readable also by group ssh_keys, which is used for hostbased
authentication.
This should fix #111
2020-11-16 11:10:16 +01:00
Jakub Jelen
7741a06714
Document missing configuraiton variables & sort
...
as recommended by best practices:
> Every argument accepted from outside of the role should be given
> a default value in defaults/main.yml.
https://github.com/oasis-roles/meta_standards#vars-vs-defaults
2020-11-16 11:10:16 +01:00
Jakub Jelen
f32003f051
Remove set_facts tasks not to polute global namespace
...
The usage of set_facts inside of roles is not recommended if
it is used for internal variables used only inside of the role.
It is recommended to use variables with smaller scope to avoid
inter-dependencies between different invocations of the same
role as demonstrated in the tests_alternative_file.yml later
in the patch series
ttps://github.com/oasis-roles/meta_standards#ansible-best-practices
2020-11-06 12:04:41 +01:00
Jakub Jelen
71b3f87308
Add support for sysconfig on Fedora/RHEL
...
This is useful for opting out from system-wide cryto policy for SSH
or configuring advanced use case (strong RNG seed).
Fixes : #141
2020-10-06 21:11:39 +02:00
Jakub Jelen
f0de8fb16e
Backup old configuration by default as recommended by OASIS
...
https://github.com/oasis-roles/meta_standards#generating-files-from-templates
2020-09-23 14:49:42 +02:00
Jakub Jelen
2c574fdcba
avoid the use of True and False for boolean values
...
These are not in yml specification and come from python. Behavior
can differ in particular YAML implementation.
2020-09-23 14:43:40 +02:00
Nikolaos Kakouros
a6a21a9565
Adds on/off toggle
2018-09-08 09:14:39 +02:00
Nikolaos Kakouros
1c511219bf
Updates README
2018-09-07 01:36:35 +02:00
Nikolaos Kakouros
f5c13ee90f
Merge branch 'master' into systemd
2018-08-25 23:48:09 +02:00
Nikolaos Kakouros
5774f7f44f
Adds ability to install a systemd service
2018-08-25 23:39:06 +02:00
Andrew Eason
814fa367d4
expose sshd_config template backup option with sshd_backup
2018-07-27 10:08:17 -04:00
jamatute
f858380070
* defaults typo
2017-08-16 11:11:31 +02:00
Matt Willsher
43ed7c19a2
Fix Ansible 2.3 warnings
2017-05-04 14:31:26 +01:00
Harald Koch
f36d32e833
cleanup Archlinux support to match defaults in current package (openssh-7.4p1-2)
2017-02-11 11:11:18 -05:00
Aleksandr Kostyrev
7daa715bde
Fix sshd_manage_var_run check
2015-08-12 23:29:51 +03:00
Aleksandr Kostyrev
445261a297
Do not manage /var/run/sshd on CentOS7 fixes #27
2015-08-12 18:41:46 +03:00
Matt Willsher
812a1e1267
Fix issues raised in #22
2015-06-28 10:18:45 +01:00
jitakirin
bcd864fea4
Add sshd_manage_service option
...
Allows disabling management of SSHd service completely, which is handy
when used in a container (where ansible is usually used during build
phase).
2015-06-25 14:54:24 +01:00
Matt Willsher
964496fcd1
Allow reload to be skipped
2015-01-13 17:42:10 +00:00
Matt Willsher
2194672579
Add EL6 defaults
2014-12-22 10:05:09 +00:00
Matt Willsher
26a0f5e350
Seperate defaults dict
2014-12-22 09:25:31 +00:00
Matt Willsher
1b5200c805
Improve option rendering, allow per OS defaults
2014-12-21 22:23:02 +00:00
Matt Willsher
c561b6e5f7
Allow overrides, force sftp for Ansible
2014-12-21 20:29:13 +00:00