Skip to content
Snippets Groups Projects
Commit 07211341 authored by Adrian K.'s avatar Adrian K.
Browse files

Fix ansible-lint

parent 3ce38090
No related branches found
No related tags found
No related merge requests found
---
- name: start sshd
systemd:
ansible.builtin.systemd:
name: sshd
enabled: true
state: restarted
- name: Delete old config
file:
ansible.builtin.file:
path: /etc/ssh/sshd_config
state: absent
......@@ -3,7 +3,7 @@ galaxy_info:
author: Fachschaft Informatik, TU Dortmund
description: Configure the sshd
license: MIT
min_ansible_version: 2.9
min_ansible_version: "2.9"
platforms:
- name: Ubuntu
versions:
......
---
- name: install openssh-server
apt:
ansible.builtin.apt:
name: openssh-server
state: present
notify: start sshd
# Remove every moduli that is unsafer than 3071
- name: remove unsafe moduli
lineinfile:
ansible.builtin.lineinfile:
regexp: '\d* \d \d \d\d\d (([0-9]\d?\d?)|([1-2]\d\d\d)|(30[0-6]\d)|(3070)) \d [0-9A-Z]*'
state: absent
path: /etc/ssh/moduli
- name: Check if sshd_config is already managed in blocks
lineinfile:
ansible.builtin.lineinfile:
path: /etc/ssh/sshd_config
line: "#BEGIN ANSIBLE MANAGED SSH DEFAULTS"
state: present
......@@ -22,12 +22,12 @@
notify: Delete old config
- name: Load config template
set_fact:
ansible.builtin.set_fact:
sshd_config: "{{ lookup('template', 'templates/sshd_config.conf.j2') }}"
- name: Create default config
notify: start sshd
blockinfile:
ansible.builtin.blockinfile:
path: /etc/ssh/sshd_config
block: "{{ sshd_config }}"
marker: "#{mark} ANSIBLE MANAGED SSH DEFAULTS"
......@@ -37,7 +37,7 @@
mode: 0755
- name: Create service override directory
file:
ansible.builtin.file:
path: /etc/systemd/system/sshd.service.d
state: directory
owner: root
......@@ -45,7 +45,7 @@
mode: 0755
- name: Copy service override
copy:
ansible.builtin.copy:
dest: /etc/systemd/system/sshd.service.d/override.conf
content: |
[Unit]
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment