Jakub Jelen
e83cb52ded
fix: Document and streamline the sshd_main_config_file
...
The option was introduced in 6bb0d7b456
without documentation and intended use. The recent change
f6ae2094fe
propagated this option to the
generated service files, which is resulting in unexpected results, when
a user decided to set only `sshd_config_file` for the second sshd
service causing the service file points to the system-wide
configuration file.
This is an attempt to fix this by introducing some heuristics to guess
if the user wants to set up second drop-in directory (ending with .d)
or create a standalone configuration file.
Fixes : #280
2024-04-05 09:29:10 +02:00
Rich Megginson
a25523ddce
ci: Use supported ansible-lint action; run ansible-lint against the collection
...
The old ansible-community ansible-lint is deprecated. There is a
new ansible-lint github action.
The latest Ansible repo gating tests run ansible-lint against
the collection format instead of against individual roles.
We have to convert the role to collection format before running
ansible-test.
This also requires tox-lsr 3.2.1
Role developers can run this locally using
`tox -e collection,ansible-lint-collection`
See https://github.com/linux-system-roles/tox-lsr/pull/125
Fix ansible-lint and ansible-test issues reported by the
latest 2.16 versions.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2024-01-08 10:56:53 -07:00
Rich Megginson
4543f0c679
feat: support for ostree systems
...
Feature: Allow running and testing the role with ostree managed nodes.
Reason: We have users who want to use the role to manage ostree
systems.
Result: Users can use the role to manage ostree managed nodes.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2023-11-28 09:40:18 -07:00
Dominik Rimpf
70c913ed0e
feat: support for debian 12
2023-06-18 23:10:14 +02:00
Jakub Jelen
039aa32606
feat: Add missing configuration options available in Match block
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2023-06-15 15:56:48 +02:00
Jakub Jelen
484da0584b
feat: Add new options from OpenSSH 9.3
...
This version is now available in Alpine.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2023-06-15 15:56:48 +02:00
Jakub Jelen
a3065d070c
Make sure the list options are correctly indented
...
Inspired by similar issue reported and fixed in ssh client role
https://github.com/linux-system-roles/ssh/pull/80/
This wont work in RHEL6 (not allowed AcceptEnv in match blocks) so just
skip it here.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2023-04-14 19:01:19 +02:00
Noriko Hosoi
3bc81d9f97
Fingerprint ansible-sshd managed config files
...
- Add repo and role name to the generated config files.
# willshersystems:ansible-sshd
Signed-off-by: Noriko Hosoi <nhosoi@redhat.com>
2023-03-29 10:30:06 -07:00
Jakub Jelen
bcd15cab9d
Add the alpine also to the README and galaxy metadata
2023-01-16 15:10:28 +01:00
Jakub Jelen
04f056867c
Add support for managing selinux and firewall on RHEL
2023-01-13 10:42:40 +01:00
Jakub Jelen
e6d075b8f3
meta: Provide explicit namespace to avoid ansible lint errors
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-12-13 14:13:18 +01:00
Jakub Jelen
1c4197e341
Add configuration options from EL7
2022-09-27 22:32:57 +02:00
Jakub Jelen
ddb286111f
Add missing configuration options from EL8
2022-09-27 22:32:57 +02:00
Jakub Jelen
1ae6284951
Add final version of RequiredRSASize
...
Keep the old version for backward compatibility
Upstream commit:
https://github.com/openssh/openssh-portable/commit/1875042c
2022-09-27 22:22:58 +02:00
Jakub Jelen
e8e583b20a
Update source template to match generated files
2022-09-27 22:22:58 +02:00
Nikolaos Kakouros
6bb0d7b456
tMakes drop-in functionality configurable by the user
2022-08-26 20:23:51 +00:00
Rich Megginson
1bc8395ea8
Add parameter RSAMinSize to Match blocks
...
This is a follow-on to https://github.com/willshersystems/ansible-sshd/pull/194
The previous PR added RSAMinSize as an option for the "body" of the
config file, but not for Match blocks.
2022-07-28 15:43:35 -06:00
Rich Megginson
6c0ff316af
add parameter RSAMinSize
...
Add support for the new RSAMinSize parameter.
2022-07-21 15:35:57 -06:00
Rich Megginson
4ca9e8f142
the role still supports 2.9
2022-06-14 07:40:52 -06:00
Matt Willsher
90338a3f0a
Fix various linting issues
2022-06-03 11:22:17 +01:00
Jakub Jelen
74026ba2f8
Add support for Ubuntu 22 with drop-in directory
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
9c202bd60e
Verify the Include is in main configuration file
...
... if drop-in file is modified
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
7f69d1e69a
Filter out Ed25519 keys from default in FIPS mode
...
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2021-11-16 15:05:22 +01:00
Sergei Petrosian
44a7d8fb20
Use {{ ansible_managed | comment }} to fix multi-line ansible_managed
...
BZ#2006230, BZ#2006231, BZ#2006233
2021-09-21 12:44:12 +02:00
Matt Willsher
b1fe667432
Merge pull request #164 from spetrosi/drop-ansible-2.8
...
Drop support for Ansible 2.8 by bumping the Ansible version to 2.9
2021-08-18 04:40:59 +01:00
Dominik Rimpf
6b1b328de3
ADD: doc bullseye support & github workflow on bullseye
2021-08-17 15:26:43 +02:00
Sergei Petrosian
5039e29910
Drop support for Ansible 2.8 by bumping the Ansible version to 2.9
...
Bug 1989197 - drop support for Ansible 2.8
https://bugzilla.redhat.com/show_bug.cgi?id=1989197
2021-08-06 10:01:31 +02:00
Jakub Jelen
c4db22f16d
Add configuration options from OpenSSH 8.6
2021-06-12 08:31:10 +02:00
Jakub Jelen
3e9d408015
Remove boolean comparison and regenerate templates
2021-06-01 16:09:23 +02:00
Jakub Jelen
380ebd21d9
Support for appending a snippet to configuration file
2021-06-01 16:09:23 +02:00
Jakub Jelen
fd22532d93
Update source template files used to generate final template
2021-06-01 16:09:23 +02:00
Noriko Hosoi
32f9d0dda5
Update meta data and README
...
Add 9 to EL and replace the versions of Fedora with all in
meta/main.yml. Update README.md based on the changes.
2021-05-05 19:41:31 +02:00
Jakub Jelen
66a4ccbcee
meta: Update list of supported releases
2020-09-23 14:49:42 +02:00
Jakub Jelen
9e7eae712d
Reformat yaml files to avoid wrong indentation, trailing spaces and long lines
2020-09-23 14:49:42 +02:00
Matt Willsher
ed989f571c
Update CI to Ubuntu focal, add Ubuntu focal support to module
2020-09-18 20:48:56 +01:00
Jakub Jelen
b9fb457d2b
Add missing configuration options from current OpenSSH 8.3p1 (Fedora 32)
...
Fixes #125
2020-09-14 18:30:20 +02:00
Jakub Jelen
babfb5542c
Remove duplicate GatewayPorts
2020-09-14 18:30:20 +02:00
Martin Verges
59314077b9
add debian 10 (buster) support
2019-10-23 15:52:21 +02:00
David Little
553344e9b6
Update galaxy meta
2019-07-10 13:31:25 -05:00
yurihs
775264a8b8
Make tags lowercase (ansible-lint E702)
2019-05-23 14:32:21 -03:00
Robert A Vincent II
4a0f7d935a
Specify search path for os vars; support odd-numbered Ubuntu releases.
2019-02-25 16:10:34 -05:00
Nikolaos Kakouros
f5c13ee90f
Merge branch 'master' into systemd
2018-08-25 23:48:09 +02:00
Nikolaos Kakouros
5774f7f44f
Adds ability to install a systemd service
2018-08-25 23:39:06 +02:00
Bob Vincent
c52053b53e
Add missing options_match entries.
2018-08-17 11:54:45 -04:00
Bob Vincent
9378cbd7cf
Add missing options_body entries.
2018-08-17 11:54:45 -04:00
Bob Vincent
8a2dbf0f41
Fix error in 30_bottom.j2
2018-08-13 12:00:11 -04:00
Tim Fletcher
4f0be6f5e7
Add StreamLocalBindUnlink option
...
This option removes existing Unix-domain socket files before they are
used for forwarding targets.
Need to support gpg-agent forwarding with systemd
2018-03-17 15:44:58 +01:00
Jasper Lievisse Adriaanse
ef4bc25d54
Support for OpenBSD
2016-10-19 21:33:15 +02:00
Doug Thompson
d0a91bc3b5
show xenial support on galaxy
2016-08-03 15:53:32 +01:00
Matt Willsher
2d6ed3fa4a
use galaxy tags rather than categories
2016-02-18 13:46:58 +00:00