diff options
Diffstat (limited to 'roles/core')
-rw-r--r-- | roles/core/sshd/base/defaults/main.yml (renamed from roles/core/sshd/defaults/main.yml) | 0 | ||||
-rw-r--r-- | roles/core/sshd/base/handlers/main.yml (renamed from roles/core/sshd/handlers/main.yml) | 0 | ||||
-rw-r--r-- | roles/core/sshd/base/tasks/main.yml (renamed from roles/core/sshd/tasks/main.yml) | 18 | ||||
-rw-r--r-- | roles/core/sshd/base/vars/Debian.yml (renamed from roles/core/sshd/vars/Debian.yml) | 0 | ||||
-rw-r--r-- | roles/core/sshd/base/vars/OpenBSD.yml (renamed from roles/core/sshd/vars/OpenBSD.yml) | 0 |
5 files changed, 13 insertions, 5 deletions
diff --git a/roles/core/sshd/defaults/main.yml b/roles/core/sshd/base/defaults/main.yml index 50cc0f15..50cc0f15 100644 --- a/roles/core/sshd/defaults/main.yml +++ b/roles/core/sshd/base/defaults/main.yml diff --git a/roles/core/sshd/handlers/main.yml b/roles/core/sshd/base/handlers/main.yml index ea76595a..ea76595a 100644 --- a/roles/core/sshd/handlers/main.yml +++ b/roles/core/sshd/base/handlers/main.yml diff --git a/roles/core/sshd/tasks/main.yml b/roles/core/sshd/base/tasks/main.yml index 61bd334f..d7524ef7 100644 --- a/roles/core/sshd/tasks/main.yml +++ b/roles/core/sshd/base/tasks/main.yml @@ -23,7 +23,7 @@ dest: /etc/ssh/sshd_config regexp: "^#?\\s*{{ item.key }}\\s" line: "{{ item.key }} {{ item.value }}" - insertbefore: '^### ansible core/sshd config barrier ###' + insertbefore: '^### ansible core/sshd/base config barrier ###' notify: restart ssh - name: limit allowed users @@ -32,7 +32,7 @@ dest: /etc/ssh/sshd_config regexp: "^AllowUsers\\s" line: "AllowUsers {{ ' '.join([ 'root' ] | union(sshd_allowusers_group) | union(sshd_allowusers_host)) }}" - insertbefore: '^### ansible core/sshd config barrier ###' + insertbefore: '^### ansible core/sshd/base config barrier ###' notify: restart ssh - name: allow any user @@ -43,11 +43,19 @@ state: absent notify: restart ssh -- name: install config barrier for other roles to use +- name: install config barriers for other roles to use + loop: + - line: "### ansible core/sshd/base config barrier ###" + insertbefore: "### ansible core/sshd config barrier ###" + - line: "### ansible core/sshd config barrier ###" + insertafter: "### ansible core/sshd/base config barrier ###" + loop_control: + label: "{{ item.line }}" lineinfile: dest: /etc/ssh/sshd_config - line: "### ansible core/sshd config barrier ###" - insertafter: EOF + line: "{{ item.line }}" + insertbefore: "{{ item.insertbefore | default(omit) }}" + insertafter: "{{ item.insertafter | default(omit) }}" notify: restart ssh - name: install ssh keys for root diff --git a/roles/core/sshd/vars/Debian.yml b/roles/core/sshd/base/vars/Debian.yml index abbccabc..abbccabc 100644 --- a/roles/core/sshd/vars/Debian.yml +++ b/roles/core/sshd/base/vars/Debian.yml diff --git a/roles/core/sshd/vars/OpenBSD.yml b/roles/core/sshd/base/vars/OpenBSD.yml index abdaf180..abdaf180 100644 --- a/roles/core/sshd/vars/OpenBSD.yml +++ b/roles/core/sshd/base/vars/OpenBSD.yml |