From c79f36425c7af864e26af65999985674b93a513b Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Wed, 24 Jun 2020 12:13:36 +0200
Subject: some minor cleanup

---
 roles/core/base/tasks/Debian.yml  | 2 +-
 roles/core/sshd/defaults/main.yml | 2 +-
 roles/core/sshd/tasks/main.yml    | 6 +++---
 3 files changed, 5 insertions(+), 5 deletions(-)

(limited to 'roles/core')

diff --git a/roles/core/base/tasks/Debian.yml b/roles/core/base/tasks/Debian.yml
index 13c3c9f9..bec27bf9 100644
--- a/roles/core/base/tasks/Debian.yml
+++ b/roles/core/base/tasks/Debian.yml
@@ -104,11 +104,11 @@
     ignoreerrors: yes
 
 - name: set kernel command line options
+  when: install is defined and install.kernel_cmdline is defined
   lineinfile:
     path: /etc/default/grub
     regexp: '^#?GRUB_CMDLINE_LINUX='
     line: 'GRUB_CMDLINE_LINUX="{{ install.kernel_cmdline | join(" ") }}"'
-  when: install is defined and install.kernel_cmdline is defined
   notify: update grub
 
 - name: apply stability fix/workaround for machines using intel NIC
diff --git a/roles/core/sshd/defaults/main.yml b/roles/core/sshd/defaults/main.yml
index 8b25827b..50cc0f15 100644
--- a/roles/core/sshd/defaults/main.yml
+++ b/roles/core/sshd/defaults/main.yml
@@ -1,2 +1,2 @@
 ---
-ssh_allow_any_user: False
+sshd_allow_any_user: false
diff --git a/roles/core/sshd/tasks/main.yml b/roles/core/sshd/tasks/main.yml
index 24476f75..ef0e9a81 100644
--- a/roles/core/sshd/tasks/main.yml
+++ b/roles/core/sshd/tasks/main.yml
@@ -27,15 +27,15 @@
   notify: restart ssh
 
 - name: limit allowed users
-  when: not ssh_allow_any_user
+  when: not sshd_allow_any_user
   lineinfile:
     dest: /etc/ssh/sshd_config
     regexp: "^AllowUsers\\s"
-    line: "AllowUsers {{ ' '.join([ 'root' ] | union(ssh_allowusers_group) | union(ssh_allowusers_host)) }}"
+    line: "AllowUsers {{ ' '.join([ 'root' ] | union(sshd_allowusers_group) | union(sshd_allowusers_host)) }}"
   notify: restart ssh
 
 - name: allow any user
-  when: ssh_allow_any_user
+  when: sshd_allow_any_user
   lineinfile:
     dest: /etc/ssh/sshd_config
     regexp: "^AllowUsers\\s"
-- 
cgit v1.2.3