Diffstat (limited to 'roles/core/sshd/jump/tasks')
-rw-r--r-- | roles/core/sshd/jump/tasks/main.yml | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/roles/core/sshd/jump/tasks/main.yml b/roles/core/sshd/jump/tasks/main.yml
index 3403d8f8..2120cbd6 100644
--- a/roles/core/sshd/jump/tasks/main.yml
+++ b/roles/core/sshd/jump/tasks/main.yml
@@ -38,7 +38,8 @@
 blockinfile:
 marker: "# {mark} ansible core/sshd/jump"
 block: |
- Match User {{ sshd_jump_users | list | join(',') }}
+ {% for name, config in sshd_jump_users.items() %}
+ Match User {{ name }}
 AuthorizedKeysFile /etc/ssh/authorized_keys.d/%u
 PasswordAuthentication no
 PermitTTY no
@@ -49,8 +50,12 @@
 AllowStreamLocalForwarding no
 ForceCommand /sbin/nologin
 AllowTcpForwarding local
- #PermitOpen any
+ PermitOpen {{ config.permit_open | default(['any']) | list | join(' ') }}
 PermitListen none
+ {% if not loop.last %}
+
+ {% endif %}
+ {% endfor %}
 insertafter: "### ansible core/sshd/base config barrier ###"
 dest: /etc/ssh/sshd_config
 notify: restart ssh |
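Review bot: In the first hunk `Match User {{ name }}` writes each key of `sshd_jump_users` into sshd_config unchecked, and sshd reads that argument as a pattern list, so a key containing `*`, `?`, `!` or `,` would apply this block's forwarding policy to accounts other than the one intended. The loop also requires a mapping now, whereas the removed line worked for either a list or a mapping, so an inventory that still passes a list fails at template time with an unhelpful error. An `assert` task ahead of this one, e.g. `that: sshd_jump_users is mapping` plus a per-key check such as `item is match('^[a-z_][a-z0-9_-]*$')`, would make both failures explicit. The task starts above the hunk, so an existing check may simply not be visible here.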
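Review bot: `config.permit_open | default(['any']) | list | join(' ')` in the second hunk fails open and mishandles two plausible inputs. A user entry without `permit_open` gets `PermitOpen any`, so forgetting the key silently grants forwarding to every destination; `default()` without its second argument also lets an empty list through, which renders a bare `PermitOpen`, and `| list` turns a scalar such as `host:22` (made-up value) into single characters. Either malformed result is likely to be rejected by sshd when the `restart ssh` handler runs, which on a jump host can cut off access. Consider making `permit_open` mandatory or defaulting it to `none`, and adding `validate: /usr/sbin/sshd -t -f %s` to the task if the part outside the hunk does not already set it.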