libretic/ansible-sshd
6
0
Fork 0
mirror of https://github.com/willshersystems/ansible-sshd synced 2024-11-08 12:53:29 +01:00
Code Issues Projects Releases Packages Wiki Activity
356 commits 2 branches 70 tags 1.1 MiB
Commit graph

356 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jakub Jelen
fd144194e6 tests: Do not use ed25519 keys as they are not available in RHEL6 2020-12-11 13:25:19 +01:00
Jakub Jelen
70a9daf916 Use only RSA hostkeys in RHEL6 2020-12-11 13:25:19 +01:00
Jakub Jelen
4b0935c9a1 RHEL6: Fix defaults 2020-12-11 13:25:19 +01:00
Jakub Jelen
f1aa17930a tests: Do not use gcm ciphers as they are not available in RHEL6 2020-12-11 13:25:19 +01:00
Jakub Jelen
e92a98a97f tests: Improve testing of the sysconfig with more real example 2020-12-11 13:25:19 +01:00
Jakub Jelen
45bf0180fe tests: Verify backup files are created and can be disabled 2020-12-11 13:25:19 +01:00
Jakub Jelen
497db39466 tests: Move setup tasks to separate file 2020-12-11 13:25:19 +01:00
Jakub Jelen
9b234acbd7 Remove non-default values from Debian 9 vars file 2020-12-11 13:25:19 +01:00
Jakub Jelen
c9015f37c3 variables: Use more specific vars file first 2020-12-11 13:25:19 +01:00
Jakub Jelen
ed4e968f66 Debian: Remove default values and drop what does not match system defaults 2020-12-11 13:25:19 +01:00
Jakub Jelen
86495969dc tests: Skip hostkey test in Debian and RHEL6 as it is missing 2020-12-11 13:25:19 +01:00
Jakub Jelen
425400d521 Do not attempt to create and verify sysconfig on unrelated systems 2020-12-11 13:25:19 +01:00
Jakub Jelen
48dc56b2d2 Recognize podman container runtime and ignore services there 2020-12-11 13:25:19 +01:00
Jakub Jelen
a15ad61af5 Add Ubuntu and Debian test using Github Actions 2020-12-11 13:25:19 +01:00
Jakub Jelen
6b36488299 Check runtime directory for running CI in Debian and Ubuntu 2020-12-11 13:25:19 +01:00
Jakub Jelen
51be56b57a README: Clarify semantics of match blocks 2020-12-11 13:25:19 +01:00
Jakub Jelen
acb56267a1 tests: Verify variable precedence is correctly applied 2020-12-11 13:25:19 +01:00
Jakub Jelen
156373262c tests: Test match can accept dict directly 2020-12-11 13:25:19 +01:00
Jakub Jelen
f12b322aae Accept single hostkey as a string too 2020-12-11 13:25:19 +01:00
Jakub Jelen
bb979290db tests: Verify the sshd_enable variable works 2020-12-11 13:25:19 +01:00
Jakub Jelen
9032ea2b1e tests: Verify the defaults of this role do not change os defaults 2020-12-11 13:24:59 +01:00
Jakub Jelen
9ccbe04b7f tests: Implement backup & restore of important files for separate tests 2020-12-11 13:24:40 +01:00
Jakub Jelen
e04dd2a1dc Update RHEL8 defaults to match reality 2020-11-20 23:10:00 +01:00
Matt Willsher
fb0932c993
Merge pull request #146 from Jakuje/github-actions 
Run tests with Github Actions and fix things on the way
 2020-11-16 11:52:56 +00:00
Jakub Jelen
242058a10b tests: For Fedora containers, make sure the sshd host keys exist 2020-11-16 11:32:28 +01:00
Jakub Jelen
ff04f6ff89 tests: Replace cat with slurp 2020-11-16 11:20:56 +01:00
Jakub Jelen
a1ee1c0f77 Hide changes to temporary files 2020-11-16 11:20:56 +01:00
Jakub Jelen
567708dff6 tests: Make sure the user/group nobody is present in the test 2020-11-16 11:20:56 +01:00
Jakub Jelen
80a72b206e ci: Run the new tests also in the travis 2020-11-16 11:20:56 +01:00
Jakub Jelen
e4de9a6afd tests: Use complete connection specification for RHEL7 compatibility 2020-11-16 11:20:56 +01:00
Jakub Jelen
e000df3dd2 ci: Run tests using github actions on different OS 
The Debian and Ubuntu fails sshd in test mode, because
it is missing the privilege separation directory
/run/sshd in container.
 2020-11-16 11:20:56 +01:00
Jakub Jelen
823cd2d055 Fix typos 2020-11-16 11:20:56 +01:00
Jakub Jelen
e2d6a8ba0f tests: Fix for Fedora using different default configuration file 2020-11-16 11:20:56 +01:00
Jakub Jelen
f3f041b580 tests: Verify we can write main config after included one 2020-11-16 11:20:55 +01:00
Jakub Jelen
35945647e1 tests: Use the main configuration file for setting sftp subsystem 2020-11-16 11:16:57 +01:00
Jakub Jelen
33dcb0d9d4 tests: Verify we can generate hostkeys and prevent its creation if needed 2020-11-16 11:16:44 +01:00
Jakub Jelen
94553a887e Create temporary hostkeys for test if there are none 
and if we are not writing the main configuration file
 2020-11-16 11:10:16 +01:00
Jakub Jelen
dd820d1c24 Implement hostkey checks 
This is useful during provisioning, when the keys were not generated
by sshd-keygen service or similar principles depending on operating
system.

This is also helpful when running this role in containers, where
is no service running either.

The keys are generally readable only by root, but in RHEL and Fedora,
they are readable also by group ssh_keys, which is used for hostbased
authentication.

This should fix #111
 2020-11-16 11:10:16 +01:00
Jakub Jelen
b3b026e353 README: Cleanup documentation and add missing configuration options 2020-11-16 11:10:16 +01:00
Jakub Jelen
7741a06714 Document missing configuraiton variables & sort 
as recommended by best practices:

> Every argument accepted from outside of the role should be given
> a default value in defaults/main.yml.

https://github.com/oasis-roles/meta_standards#vars-vs-defaults
 2020-11-16 11:10:16 +01:00
Jakub Jelen
22ed476ab4 README: Bring the sshd_config_file to the public API 2020-11-16 11:10:16 +01:00
Jakub Jelen
69e6ede5fb README: Do not confuse vim syntax highlighter 2020-11-16 11:10:16 +01:00
Jakub Jelen
f32003f051 Remove set_facts tasks not to polute global namespace 
The usage of set_facts inside of roles is not recommended if
it is used for internal variables used only inside of the role.
It is recommended to use variables with smaller scope to avoid
inter-dependencies between different invocations of the same
role as demonstrated in the tests_alternative_file.yml later
in the patch series

ttps://github.com/oasis-roles/meta_standards#ansible-best-practices
 2020-11-06 12:04:41 +01:00
Jakub Jelen
634d87490e Exclude service commands in Github Action CI 2020-11-06 11:35:10 +01:00
Jakub Jelen
ad913968ac Add a symlink to make tests working in CI without modification to ansible.cfg 2020-11-06 11:35:10 +01:00
Jakub Jelen
4b944a6c98 tests: Check for the sysconfig configuration only on relevant OS 2020-11-06 10:57:23 +01:00
Jakub Jelen
f1eef49960 gentoo: Remove bogus default values 2020-11-06 10:30:29 +01:00
Matt Willsher
6ad8a3e706
Merge pull request #144 from Jakuje/tests 
Rename tests to follow best practices and make gallaxy linters happy
 2020-10-28 17:52:15 +00:00
Jakub Jelen
a80105069c Run yamllint with galaxy configuration to avoid quality penalty 2020-10-21 22:08:39 +02:00
Jakub Jelen
8414fd5994 tests: Remove trailing newlines to satisfy galaxy linters 2020-10-21 18:32:49 +02:00