Commit graph

74 commits

Author SHA1 Message Date
Jakub Jelen
e83cb52ded fix: Document and streamline the sshd_main_config_file
The option was introduced in 6bb0d7b456
without documentation and intended use. The recent change
f6ae2094fe propagated this option to the
generated service files, which is resulting in unexpected results, when
a user decided to set only `sshd_config_file` for the second sshd
service causing the service file points to the system-wide
configuration file.

This is an attempt to fix this by introducing some heuristics to guess
if the user wants to set up second drop-in directory (ending with .d)
or create a standalone configuration file.

Fixes: #280
2024-04-05 09:29:10 +02:00
Mykyta Orlov
efb053839f README.md typo in config word 2024-02-13 19:19:17 +02:00
Jakub Jelen
d48e898148
docs: Fix spelling issues + fix reported issues (#274)
* README: Fix double-the in documentation

* README: Consistently referer to the role name and not to repository name

* README: Improve wording

* Fix more typos

* ci: Add GH action to check for spelling mistakes
2024-01-29 17:55:43 +00:00
Rich Megginson
4543f0c679 feat: support for ostree systems
Feature: Allow running and testing the role with ostree managed nodes.

Reason: We have users who want to use the role to manage ostree
systems.

Result: Users can use the role to manage ostree managed nodes.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2023-11-28 09:40:18 -07:00
EmyLIEUTAUD
0bc6d8f40b
feat: manage ssh certificates (#252)
* Role configured to accept SSH connection via SSH certificates
* Works with or without principals and ansible-lint updated
* add test for SSH certificates authentication with principals
* Add configuration to run tests for SSH certificates authentication with principals
* tasks to use SSH certificates grouped into one file
* Update README.md
2023-09-11 14:39:03 +01:00
Sergei Petrosian
1e308d69ba Use sshd_<OptionName> in varname for clarity 2023-08-29 15:29:17 +02:00
Sergei Petrosian
625b74a2cc ci: Add markdownlint, test_converting_readme, and build_docs workflows
* markdownlint runs against README.md to avoid any issues with
  converting it to HTML
* test_converting_readme converts README.md > HTML and uploads this test
  artifact to ensure that conversion works fine
* build_docs converts README.md > HTML and pushes the result to the
  docs branch to publish dosc to GitHub pages site
2023-08-29 15:29:17 +02:00
Dominik Rimpf
70c913ed0e
feat: support for debian 12 2023-06-18 23:10:14 +02:00
Rich Megginson
70808e97fc ansible-lint - align with current Ansible recommendations
Use `true/false` instead of `yes/no`
Ensure use of FQCN for builtin modules
Use correct spacing in Jinja expressions
All tasks and plays must have a `name`, and the `name` string must begin with an uppercase letter
Use `ansible.posix.mount` instead of `ansible.builtin.mount`
Use `set -o pipefail` with `shell` module where supported by the platform shell

Signed-off-by: Rich Megginson <rmeggins@redhat.com>
2023-04-10 14:21:30 -06:00
Jakub Jelen
bcd15cab9d Add the alpine also to the README and galaxy metadata 2023-01-16 15:10:28 +01:00
Jakub Jelen
04f056867c Add support for managing selinux and firewall on RHEL 2023-01-13 10:42:40 +01:00
Steffen Scheib
6819be90d3 - Adding support for OpenWrt 21.03 2022-09-24 21:42:01 +02:00
Nikolaos Kakouros
6bb0d7b456 tMakes drop-in functionality configurable by the user 2022-08-26 20:23:51 +00:00
Rich Megginson
1bc8395ea8 Add parameter RSAMinSize to Match blocks
This is a follow-on to https://github.com/willshersystems/ansible-sshd/pull/194
The previous PR added RSAMinSize as an option for the "body" of the
config file, but not for Match blocks.
2022-07-28 15:43:35 -06:00
Matt Willsher
dc350e600f
Addition notes about secondary variables 2022-06-02 12:38:25 +01:00
Jakub Jelen
74026ba2f8 Add support for Ubuntu 22 with drop-in directory
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
509f987dfc README: Reword and clarify documentation
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
e9c8d55d5e README: Document the behavior of checking the Include directive
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
fef8b17c6d README: Update links to the CI results
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-05-10 16:48:22 +02:00
Jakub Jelen
ff56d75a6e Update documentation with recent changes
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-19 17:20:27 +02:00
ColdPain
71eab116bd README: fix meta/make_option_lists link 2021-11-09 14:03:41 +01:00
Jakub Jelen
d8b9ae4793 README: Replace travis icons with Github Actions 2021-08-17 15:51:53 +02:00
Dominik Rimpf
6b1b328de3 ADD: doc bullseye support & github workflow on bullseye 2021-08-17 15:26:43 +02:00
Jakub Jelen
8a85e7309b Rename sshd_namespace_append to sshd_config_namespace 2021-06-11 21:49:31 +02:00
Jakub Jelen
eaa6f92a29 Move the adjusted configuration options to the public API 2021-06-10 19:53:00 +02:00
Jakub Jelen
ad399343c9 Skip defaults when appending configuration 2021-06-01 16:09:23 +02:00
Jakub Jelen
a26ea56332 README: Reword the option description and provide example 2021-06-01 16:09:23 +02:00
Jakub Jelen
380ebd21d9 Support for appending a snippet to configuration file 2021-06-01 16:09:23 +02:00
Noriko Hosoi
32f9d0dda5 Update meta data and README
Add 9 to EL and replace the versions of Fedora with all in
meta/main.yml. Update README.md based on the changes.
2021-05-05 19:41:31 +02:00
Jakub Jelen
032054b478 README: Document missing exported variable 2021-02-17 13:47:30 +01:00
Jakub Jelen
9fba3f5794 README: Fix typo 2021-02-16 20:05:57 +01:00
Jakub Jelen
3cde4cf4ef README: Reference examples directory 2021-02-16 20:05:57 +01:00
Jakub Jelen
51be56b57a README: Clarify semantics of match blocks 2020-12-11 13:25:19 +01:00
Jakub Jelen
dd820d1c24 Implement hostkey checks
This is useful during provisioning, when the keys were not generated
by sshd-keygen service or similar principles depending on operating
system.

This is also helpful when running this role in containers, where
is no service running either.

The keys are generally readable only by root, but in RHEL and Fedora,
they are readable also by group ssh_keys, which is used for hostbased
authentication.

This should fix #111
2020-11-16 11:10:16 +01:00
Jakub Jelen
b3b026e353 README: Cleanup documentation and add missing configuration options 2020-11-16 11:10:16 +01:00
Jakub Jelen
22ed476ab4 README: Bring the sshd_config_file to the public API 2020-11-16 11:10:16 +01:00
Jakub Jelen
69e6ede5fb README: Do not confuse vim syntax highlighter 2020-11-16 11:10:16 +01:00
Jakub Jelen
a10ddff535
README: Fix missing code block termination 2020-09-24 10:55:54 +02:00
Matt Willsher
12e8b0aebc
Merge branch 'master' into cleanup 2020-09-23 21:25:10 +01:00
Jakub Jelen
208a9cf348 README: Fix typos and trailing whitespace 2020-09-23 14:49:42 +02:00
Jakub Jelen
203a1a5eab README: Update the list of supported OSes 2020-09-23 14:49:42 +02:00
Jakub Jelen
2744b2e225 Document and test alternative invocation of role through include_role 2020-09-23 14:35:09 +02:00
David Little
53a89b677e AIX support for role (including new AIX handler) 2019-07-10 12:07:07 -05:00
Nikolaos Kakouros
a6a21a9565 Adds on/off toggle 2018-09-08 09:14:39 +02:00
Nikolaos Kakouros
1c511219bf Updates README 2018-09-07 01:36:35 +02:00
Matt Willsher
426e11c4df Update role name in readme 2017-03-20 11:03:19 +00:00
Jasper Lievisse Adriaanse
ef4bc25d54 Support for OpenBSD 2016-10-19 21:33:15 +02:00
Matt Willsher
886b452ad1 Fix galaxy link and role name in example 2016-02-18 13:43:14 +00:00
Matt Willsher
492235692d Role transition to personal galaxy account 2016-01-24 18:37:10 +00:00
Matt Willsher
d109e42ac6 Update README.md 2016-01-24 17:34:50 +00:00