banananetwork
/
ansible
1
0
Fork 0
Code Issues Pull Requests Releases Activity

common: Validate sshd_config before applying

Browse Source
master
Felix Stupp 3 years ago
parent e1a612966c
commit 15ad953131
Signed by: zocker
GPG Key ID: 93E1BD26F6B02FB7
2 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File

1
group_vars/all/vars.yml
Unescape Escape View File

@ -61,6 +61,7 @@ global_ssh_key_directory: "{{ global_public_key_directory }}/ssh"
global_ssh_host_key_directory: "{{ global_ssh_key_directory }}/hosts" global_ssh_host_key_directory: "{{ global_ssh_key_directory }}/hosts"
global_validate_shell_script: "/usr/bin/shellcheck %s" # TODO add "--format=" global_validate_shell_script: "/usr/bin/shellcheck %s" # TODO add "--format="
global_validate_sshd_config: "/usr/sbin/sshd -t -f %s"
global_validate_sudoers_file: "/usr/sbin/visudo -c -f %s" global_validate_sudoers_file: "/usr/sbin/visudo -c -f %s"
global_wireguard_private_directory: "{{ global_credentials_directory }}/wireguard" global_wireguard_private_directory: "{{ global_credentials_directory }}/wireguard"

1
roles/common/tasks/sshd.yml
Unescape Escape View File

@ -35,6 +35,7 @@
owner: root owner: root
group: root group: root
mode: "u=rw,g=r,o=r" mode: "u=rw,g=r,o=r"
validate: "{{ global_validate_sshd_config }}"
notify: reassemble sshd config notify: reassemble sshd config
- name: Upload main ssh_config - name: Upload main ssh_config

Write Preview
Loading…
Cancel
Save