mirror of
https://github.com/willshersystems/ansible-sshd
synced 2025-01-06 23:40:19 +01:00
6e3257736e
The documentation says there is only one global scope for handlers: > There is only one global scope for handlers (handler names and listen topics) > regardless of where the handlers are defined. This also includes handlers > defined in roles. So following the naming convention as we do in all the other variables sounds like a good idea. https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_handlers.html Signed-off-by: Jakub Jelen <jjelen@redhat.com>
49 lines
1.7 KiB
YAML
49 lines
1.7 KiB
YAML
---
|
|
- name: Create a directory for drop-in configuration snippets
|
|
ansible.builtin.file:
|
|
path: "{{ sshd_config_file | dirname }}"
|
|
state: directory
|
|
mode: "{{ sshd_drop_in_dir_mode }}"
|
|
when:
|
|
- sshd_main_config_file is not none
|
|
- sshd_config_file | dirname == sshd_main_config_file ~ '.d'
|
|
|
|
- name: Create the complete configuration file
|
|
ansible.builtin.template:
|
|
src: sshd_config.j2
|
|
dest: "{{ sshd_config_file }}"
|
|
owner: "{{ sshd_config_owner }}"
|
|
group: "{{ sshd_config_group }}"
|
|
mode: "{{ sshd_config_mode }}"
|
|
validate: >-
|
|
{% if not __sshd_supports_validate %}
|
|
true %s
|
|
{% elif sshd_test_hostkey is defined and sshd_test_hostkey.path is defined %}
|
|
{{ sshd_binary | quote }} -t -f %s -h {{ sshd_test_hostkey.path | quote }}/rsa_key
|
|
{% else %}
|
|
{{ sshd_binary | quote }} -t -f %s
|
|
{% endif %}
|
|
backup: "{{ sshd_backup }}"
|
|
notify: sshd_reload
|
|
|
|
- name: Make sure the include path is present in the main sshd_config
|
|
ansible.builtin.lineinfile:
|
|
insertbefore: BOF
|
|
line: "Include {{ sshd_config_file | dirname }}/*.conf"
|
|
path: "{{ sshd_main_config_file }}"
|
|
owner: "{{ sshd_config_owner }}"
|
|
group: "{{ sshd_config_group }}"
|
|
mode: "{{ sshd_config_mode }}"
|
|
validate: >-
|
|
{% if not __sshd_supports_validate %}
|
|
true %s
|
|
{% elif sshd_test_hostkey is defined and sshd_test_hostkey.path is defined %}
|
|
{{ sshd_binary | quote }} -t -f %s -h {{ sshd_test_hostkey.path | quote }}/rsa_key
|
|
{% else %}
|
|
{{ sshd_binary | quote }} -t -f %s
|
|
{% endif %}
|
|
backup: "{{ sshd_backup }}"
|
|
notify: sshd_reload
|
|
when:
|
|
- sshd_main_config_file is not none
|
|
- sshd_config_file | dirname == sshd_main_config_file ~ '.d'
|