me/env-ansible
me/env-ansible
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add var and job for sshd config.

Browse Source
This commit is contained in:
Hyperling 2021-02-15 09:22:26 -06:00
parent 65d2e71e00
commit 78370d0e93
2 changed files with 39 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
facts/general/service.yml
View File

@ -1,5 +1,5 @@
--- ---
# Define program names for service builtin. # Definitions for service management.
- name: General | Facts | Service | All - name: General | Facts | Service | All
set_fact: set_fact:
@ -7,9 +7,10 @@
cups_pattern: cupsd cups_pattern: cupsd
cups_browse: cups-browsed cups_browse: cups-browsed
cups_browse_pattern: cups-browsed cups_browse_pattern: cups-browsed
sshfs_leet_cmd: "sshfs {{ leet_ssh }}: /mnt/leet -o allow_other,_netdev"
sshd: sshd sshd: sshd
sshd_pattern: sshd sshd_pattern: sshd
sshfs_leet_cmd: "sshfs {{ leet_ssh }}: /mnt/leet -o allow_other,_netdev" sshd_config: /etc/ssh/sshd_config
- name: General | Facts | Service | Linux - name: General | Facts | Service | Linux

43
tasks/general/software/services.yml
View File

@ -1,6 +1,8 @@
--- ---
# Enable and disable services. # Enable and disable services.
## Fake SSHFS ##
- name: General | Software | Services | Create SSHFS rc.conf Entry (FreeBSD) - name: General | Software | Services | Create SSHFS rc.conf Entry (FreeBSD)
blockinfile: blockinfile:
path: /etc/rc.conf path: /etc/rc.conf
@ -17,6 +19,9 @@
warn: false warn: false
when: ansible_system == "FreeBSD" when: ansible_system == "FreeBSD"
## CUPS ##
- name: General | Software | Services | Disable CUPS Daemon - name: General | Software | Services | Disable CUPS Daemon
service: service:
name: "{{ cups }}" name: "{{ cups }}"
@ -31,12 +36,8 @@
state: stopped state: stopped
enabled: no enabled: no
- name: General | Software | Services | Enable SSHD (Linux?)
service: ## SSHD ##
name: "{{ sshd }}"
pattern: "{{ sshd_pattern }}"
state: started
enabled: yes
#- name: General | Software | Services | Create SSHFS rc.conf Entry (FreeBSD) #- name: General | Software | Services | Create SSHFS rc.conf Entry (FreeBSD)
# lineinfile: # lineinfile:
@ -46,4 +47,32 @@
# state: present # state: present
# create: yes # create: yes
# backup: yes # backup: yes
# when: ansible_system == "FreeBSD" # when: ansible_system == "FreeBSD"
- name: General | Software | Services | Create SSHFS rc.conf Entry (FreeBSD)
lineinfile:
path: "{{ sshd_config }}"
regexp: '{{ item.key }}'
line: '{{ item.value }} # MANAGED BY ANSIBLE'
state: present
create: no
backup: yes
loop:
- { "key": '^[\#]?PermitRootLogin', "value": 'PermitRootLogin no'}
- { "key": '^[\#]?AllowTcpForwarding', "value": 'AllowTcpForwarding no'}
- { "key": '^[\#]?ClientAliveCountMax', "value": 'ClientAliveCountMax 2'}
- { "key": '^[\#]?Compression', "value": 'Compression no'}
- { "key": '^[\#]?LogLevel', "value": 'LogLevel verbose'}
- { "key": '^[\#]?MaxAuthTries', "value": 'MaxAuthTries 3'}
- { "key": '^[\#]?MaxSessions', "value": 'MaxSessions 2'}
#- { "key": '^[\#]?Port', "value": 'Port '}
- { "key": '^[\#]?TCPKeepAlive', "value": 'TCPKeepAlive no'}
- { "key": '^[\#]?X11Forwarding', "value": 'X11Forwarding no'}
- { "key": '^[\#]?AllowAgentForwarding', "value": 'AllowAgentForwarding no'}
- name: General | Software | Services | Enable SSHD (Linux?)
service:
name: "{{ sshd }}"
pattern: "{{ sshd_pattern }}"
state: started
enabled: yes