diff options
Diffstat (limited to 'roles/ssh')
| -rw-r--r-- | roles/ssh/tasks/generate_dns.yml | 8 | ||||
| -rw-r--r-- | roles/ssh/tasks/main.yml | 23 | ||||
| -rw-r--r-- | roles/ssh/templates/generate_dns.j2 | 24 | ||||
| -rw-r--r-- | roles/ssh/templates/sshd_config.j2 | 25 |
4 files changed, 0 insertions, 80 deletions
diff --git a/roles/ssh/tasks/generate_dns.yml b/roles/ssh/tasks/generate_dns.yml deleted file mode 100644 index 60a21bd..0000000 --- a/roles/ssh/tasks/generate_dns.yml +++ /dev/null @@ -1,8 +0,0 @@ - -# ssh ~~ tasks/local_dns.yml - -- name: Generate template to localhost - template: - src: templates/generate_dns.j2 - dest: "{{ lookup('env', 'HOME') }}/.ssh/config.d/ssh_dns" - delegate_to: 127.0.0.1 diff --git a/roles/ssh/tasks/main.yml b/roles/ssh/tasks/main.yml deleted file mode 100644 index 0fc2dee..0000000 --- a/roles/ssh/tasks/main.yml +++ /dev/null @@ -1,23 +0,0 @@ - -# ssh ~~ tasks/main.yml - ---- - -- name: Generate sshd configuration - template: - src: templates/sshd_config.j2 - dest: /etc/ssh/sshd_config - owner: root - group: "{{ group_root }}" - mode: "0644" - -- name: Restart sshd - service: - name: sshd - state: restarted - -- name: Check ssh connection - wait_for: - port: 22 - delay: 1 - state: started diff --git a/roles/ssh/templates/generate_dns.j2 b/roles/ssh/templates/generate_dns.j2 deleted file mode 100644 index 5d58ae9..0000000 --- a/roles/ssh/templates/generate_dns.j2 +++ /dev/null @@ -1,24 +0,0 @@ - -# ssh configuration for dns ~~ ~/.ssh/.config.d/ -# managed by Ansible - -{% for h in groups["all"] %} -{% set h = hostvars[h] %} -{##} -{% if h.ip is defined and h.services is defined %} -{% set _port = h.services | selectattr("name", "equalto", "ssh") | map(attribute="port") | list | join(' ') %} -{##} -# {{ h.ansible_host }} - -Match originalhost {{ h.ansible_host }} exec "ls /sys/class/net/{{ _i.dcontroller }} && ! ping -c 1 -W 5 {{ h.ip.out }}" - HostName {{ h.ip.in }} - Port {{ _port }} - -Match originalhost {{ h.ansible_host }} - HostName {{ h.ip.out }} - Port {{ _port }} - User root - -{% endif %} -{##} -{% endfor %} diff --git a/roles/ssh/templates/sshd_config.j2 b/roles/ssh/templates/sshd_config.j2 deleted file mode 100644 index a11268e..0000000 --- a/roles/ssh/templates/sshd_config.j2 +++ /dev/null @@ -1,25 +0,0 @@ - -# ssh ~~ /etc/ssh/sshd_config -# managed by Ansible - -# security -PermitRootLogin yes -MaxAuthTries 6 -MaxSessions 10 - -# auth -AuthorizedKeysFile .ssh/authorized_keys -PasswordAuthentication no -PermitEmptyPasswords no -ClientAliveInterval 180 - - -{% if ansible_facts["os_family"] == "OpenBSD" or ansible_facts["os_family"] == "Alpine" %} -Subsystem sftp /usr/libexec/sftp-server -{% elif ansible_facts["os_family"] == "Debian" %} -ChallengeResponseAuthentication no -UsePAM yes -PrintMotd no -UsePrivilegeSeparation sandbox -Subsystem sftp /usr/lib/ssh/sftp-server -{% endif %} |