CI: Refactor sshd configuration into a role
Prep for applying it to macOS 13 GitHub runners. refs #1186pull/1184/head
parent
9e0dad2a1a
commit
8cfcb66cda
@ -0,0 +1 @@
|
|||||||
|
sshd_config_file: /etc/ssh/sshd_config
|
@ -0,0 +1,18 @@
|
|||||||
|
- name: Create login banner
|
||||||
|
copy:
|
||||||
|
src: banner.txt
|
||||||
|
dest: /etc/ssh/banner.txt
|
||||||
|
mode: u=rw,go=r
|
||||||
|
|
||||||
|
- name: Configure sshd_config
|
||||||
|
lineinfile:
|
||||||
|
path: "{{ sshd_config_file }}"
|
||||||
|
line: "{{ item.line }}"
|
||||||
|
regexp: "{{ item.regexp }}"
|
||||||
|
loop:
|
||||||
|
- line: Banner /etc/ssh/banner.txt
|
||||||
|
regexp: '^#? *Banner.*'
|
||||||
|
- line: PermitRootLogin yes
|
||||||
|
regexp: '.*PermitRootLogin.*'
|
||||||
|
loop_control:
|
||||||
|
label: "{{ item.line }}"
|
Loading…
Reference in New Issue