1
0
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_sshd.git synced 2024-08-16 11:59:49 +02:00

start adding github actions and improve meta

This commit is contained in:
L3D 2021-03-11 00:17:05 +01:00
parent 1c2dc323e7
commit d09093a3fd
Signed by: l3d
GPG key ID: CD08445BFF4313D1
7 changed files with 64 additions and 21 deletions

1
.cache/roles/do1jlr.sshd Symbolic link
View file

@ -0,0 +1 @@
../..

2
.github/FUNDING.yml vendored
View file

@ -1,4 +1,4 @@
# These are supported funding model platforms
---
github: [do1jlr]
liberapay: L3D

View file

@ -0,0 +1,22 @@
---
name: Ansible Lint check
# yamllint disable-line rule:truthy
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Lint Ansible Playbook
uses: ansible/ansible-lint-action@master
with:
targets: "."
# [required]
# Paths to ansible files (i.e., playbooks, tasks, handlers etc..)
args: ""
# [optional]

22
.github/workflows/yamllint.yaml vendored Normal file
View file

@ -0,0 +1,22 @@
---
name: 'Yamllint GitHub Actions'
# yamllint disable-line rule:truthy
on: [push, pull_request]
jobs:
yamllint:
name: 'Yamllint'
runs-on: ubuntu-latest
steps:
- name: 'Checkout'
uses: actions/checkout@master
- name: 'Yamllint'
uses: karancode/yamllint-github-action@master
with:
yamllint_file_or_dir: '.'
yamllint_config_filepath: './.yamllint'
yamllint_strict: false
yamllint_comment: true
# env:
# GITHUB_ACCESS_TOKEN: ${{ secrets.GITHUB_TOKEN }

View file

@ -4,11 +4,14 @@
# set the ssh server port
sshd__port: 22
# ssh password authorisatuin (not recomended)
# ssh password authorisatuin (not recomended)
sshd__password_authentication: false
# should we disable not selected ssh key types?
# should we disable not selected ssh key types?
sshd__manage_key_types: true
# choose ssh server allowed key types
# choose ssh server allowed key types
sshd__key_types:
- 'ed25519'
# - 'rsa'
@ -56,17 +59,17 @@ sshd__macs:
# - 'hmac-sha1'
# Enable AllowUsers and AllowGroups options
sshd__restrict_users: True
sshd__restrict_users: true
sshd__allowed_users:
- "root"
- "ansible"
sshd__restrict_groups: True
sshd__restrict_groups: true
sshd__allowed_groups:
- "root"
- "admins"
sshd__xforwarding: True
sshd__xforwarding: true
sshd__state: present # use latest for upgrading
sshd__state: present # use latest for upgrading
# perform simple version check for this role? (true is recomended)
submodules_versioncheck: false

View file

@ -1,6 +1,6 @@
---
- name: systemctl restart ssh
become: yes
become: true
ansible.builtin.systemd:
name: "{{ sshd__service }}"
state: restarted

View file

@ -1,25 +1,20 @@
---
galaxy_info:
author: L3D
role_name: sshd
author: do1jlr
description: Manage your SSH Server - and deploy a good sshd configuration
license: "MIT"
min_ansible_version: 2.3
github_branch: master
min_ansible_version: 2.8
github_branch: main
platforms:
- name: Archlinux
versions: all
- name: Debian
versions:
- stretch
- sid
versions: all
- name: Ubuntu
versions:
- bionic
- cosmic
versions: all
- name: Fedora
versions:
- 28
- 29
versions: all
galaxy_tags:
- ssh
- sshd