diff options
author | Christian Pointner <equinox@spreadspace.org> | 2021-04-11 20:22:33 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2021-04-11 20:22:37 +0200 |
commit | 0243f0c83260bacbf41b60a19fe7a5b828f2141c (patch) | |
tree | 4e7e0f95d74a782d7037a0e7348ec0f5a01877b3 /roles/core/sshd/base | |
parent | move core/sshd to core/sshd/base (diff) |
add core role sshd/jump
Diffstat (limited to 'roles/core/sshd/base')
-rw-r--r-- | roles/core/sshd/base/tasks/main.yml | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/roles/core/sshd/base/tasks/main.yml b/roles/core/sshd/base/tasks/main.yml index d7524ef7..e5c9f6a7 100644 --- a/roles/core/sshd/base/tasks/main.yml +++ b/roles/core/sshd/base/tasks/main.yml @@ -1,11 +1,11 @@ --- - name: load os/distrubtion/version specific variables - include_vars: "{{ item }}" with_first_found: - - files: - - "{{ ansible_distribution_release }}.yml" - - "{{ ansible_distribution }}.yml" - - "{{ ansible_os_family }}.yml" + - files: + - "{{ ansible_distribution_release }}.yml" + - "{{ ansible_distribution }}.yml" + - "{{ ansible_os_family }}.yml" + include_vars: "{{ item }}" - name: hardening ssh-server config vars: @@ -31,7 +31,7 @@ lineinfile: dest: /etc/ssh/sshd_config regexp: "^AllowUsers\\s" - line: "AllowUsers {{ ' '.join([ 'root' ] | union(sshd_allowusers_group) | union(sshd_allowusers_host)) }}" + line: "AllowUsers {{ ' '.join([ 'root' ] | union(sshd_allowusers_group) | union(sshd_allowusers_host) | union(sshd_jump_users | default({}) | list)) }}" insertbefore: '^### ansible core/sshd/base config barrier ###' notify: restart ssh |