From 33621ca937a96cbd027240a1620bc891c08a02b4 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sat, 25 May 2019 02:53:21 +0200 Subject: loop vs. with - the beginnings... --- roles/sshd/tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'roles/sshd') diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml index e638905b..2c81f497 100644 --- a/roles/sshd/tasks/main.yml +++ b/roles/sshd/tasks/main.yml @@ -5,11 +5,6 @@ state: present - name: hardening ssh-server config - lineinfile: - regexp: "^#?\\s*{{ item.key }}" - line: "{{ item.key }} {{ item.value }}" - dest: /etc/ssh/sshd_config - mode: 0644 with_dict: IgnoreRhosts: "yes" PermitRootLogin: "without-password" @@ -18,7 +13,12 @@ PermitEmptyPasswords: "no" UseDNS: "no" loop_control: - label: "{{ item.key }}" + label: "{{ item.key }} = {{ item.value }}" + lineinfile: + regexp: "^#?\\s*{{ item.key }}" + line: "{{ item.key }} {{ item.value }}" + dest: /etc/ssh/sshd_config + mode: 0644 notify: restart ssh - name: limit allowed users -- cgit v1.2.3 From 4115572673efed533e06ab9dfcba95bb77992593 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sat, 1 Jun 2019 17:51:58 +0200 Subject: with_dict -> loop --- roles/sshd/tasks/main.yml | 16 +++++++++------- roles/vm/grub/tasks/main.yml | 18 ++++++++++-------- 2 files changed, 19 insertions(+), 15 deletions(-) (limited to 'roles/sshd') diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml index 2c81f497..9d35e750 100644 --- a/roles/sshd/tasks/main.yml +++ b/roles/sshd/tasks/main.yml @@ -5,13 +5,15 @@ state: present - name: hardening ssh-server config - with_dict: - IgnoreRhosts: "yes" - PermitRootLogin: "without-password" - PubkeyAuthentication: "yes" - HostbasedAuthentication: "no" - PermitEmptyPasswords: "no" - UseDNS: "no" + vars: + sshd_options: + IgnoreRhosts: "yes" + PermitRootLogin: "without-password" + PubkeyAuthentication: "yes" + HostbasedAuthentication: "no" + PermitEmptyPasswords: "no" + UseDNS: "no" + loop: "{{ sshd_options | dict2items }}" loop_control: label: "{{ item.key }} = {{ item.value }}" lineinfile: diff --git a/roles/vm/grub/tasks/main.yml b/roles/vm/grub/tasks/main.yml index eb868d38..e663e808 100644 --- a/roles/vm/grub/tasks/main.yml +++ b/roles/vm/grub/tasks/main.yml @@ -1,15 +1,17 @@ --- - name: enable serial console in grub and for kernel - with_dict: - GRUB_TIMEOUT: 2 - GRUB_CMDLINE_LINUX: '"console=ttyS0,115200n8"' - GRUB_TERMINAL: serial - GRUB_SERIAL_COMMAND: >- - "serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1" + vars: + grub_options: + GRUB_TIMEOUT: 2 + GRUB_CMDLINE_LINUX: '"console=ttyS0,115200n8"' + GRUB_TERMINAL: serial + GRUB_SERIAL_COMMAND: >- + "serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1" + loop: "{{ grub_options | dict2items }}" + loop_control: + label: "{{ item.key }}" lineinfile: dest: /etc/default/grub regexp: "^{{ item.key }}=" line: "{{ item.key }}={{ item.value }}" notify: update grub - loop_control: - label: "{{ item.key }}" -- cgit v1.2.3