diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2019-12-26 21:50:16 +0100 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2019-12-26 21:50:16 +0100 |
| commit | c7006b00fb5664423daeee3b83aa347cf959701b (patch) | |
| tree | 1da323d2777246ff0e01370641f2b2f48dca914e /roles/sshd | |
| parent | make vm install work for both debian/ubuntu and openbsd (diff) | |
zsh and sshd role support debian and openbsd now
Diffstat (limited to 'roles/sshd')
| -rw-r--r-- | roles/sshd/handlers/main.yml | 2 | ||||
| -rw-r--r-- | roles/sshd/tasks/main.yml | 11 | ||||
| -rw-r--r-- | roles/sshd/vars/Debian.yml | 3 | ||||
| -rw-r--r-- | roles/sshd/vars/OpenBSD.yml | 2 |
4 files changed, 16 insertions, 2 deletions
diff --git a/roles/sshd/handlers/main.yml b/roles/sshd/handlers/main.yml index f43817f2..ea76595a 100644 --- a/roles/sshd/handlers/main.yml +++ b/roles/sshd/handlers/main.yml @@ -1,5 +1,5 @@ --- - name: restart ssh service: - name: sshd + name: "{{ sshd_service_name }}" state: restarted diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml index f98ea536..d73d778b 100644 --- a/roles/sshd/tasks/main.yml +++ b/roles/sshd/tasks/main.yml @@ -1,4 +1,12 @@ --- +- name: load os/distrubtion/version specific variables + include_vars: "{{ item }}" + with_first_found: + - files: + - "{{ ansible_distribution_release }}.yml" + - "{{ ansible_distribution }}.yml" + - "{{ ansible_os_family }}.yml" + - name: hardening ssh-server config vars: sshd_options: @@ -32,6 +40,7 @@ exclusive: yes - name: delete root password + when: sshd_disabled_password is defined user: name: root - password: "!" + password: "{{ sshd_disabled_password }}" diff --git a/roles/sshd/vars/Debian.yml b/roles/sshd/vars/Debian.yml new file mode 100644 index 00000000..abbccabc --- /dev/null +++ b/roles/sshd/vars/Debian.yml @@ -0,0 +1,3 @@ +--- +sshd_service_name: ssh +sshd_disabled_password: '!' diff --git a/roles/sshd/vars/OpenBSD.yml b/roles/sshd/vars/OpenBSD.yml new file mode 100644 index 00000000..abdaf180 --- /dev/null +++ b/roles/sshd/vars/OpenBSD.yml @@ -0,0 +1,2 @@ +--- +sshd_service_name: sshd |