From d09093a3fd8499fefc813442249a38882565a813 Mon Sep 17 00:00:00 2001 From: L3D Date: Thu, 11 Mar 2021 00:17:05 +0100 Subject: [PATCH] start adding github actions and improve meta --- .cache/roles/do1jlr.sshd | 1 + .github/FUNDING.yml | 2 +- .github/workflows/ansible-linting-check.yml | 22 +++++++++++++++++++++ .github/workflows/yamllint.yaml | 22 +++++++++++++++++++++ defaults/main.yml | 17 +++++++++------- handlers/main.yml | 2 +- meta/main.yml | 19 +++++++----------- 7 files changed, 64 insertions(+), 21 deletions(-) create mode 120000 .cache/roles/do1jlr.sshd create mode 100644 .github/workflows/ansible-linting-check.yml create mode 100644 .github/workflows/yamllint.yaml diff --git a/.cache/roles/do1jlr.sshd b/.cache/roles/do1jlr.sshd new file mode 120000 index 0000000..c25bddb --- /dev/null +++ b/.cache/roles/do1jlr.sshd @@ -0,0 +1 @@ +../.. \ No newline at end of file diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index 51ba466..67818dd 100644 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -1,4 +1,4 @@ -# These are supported funding model platforms +--- github: [do1jlr] liberapay: L3D diff --git a/.github/workflows/ansible-linting-check.yml b/.github/workflows/ansible-linting-check.yml new file mode 100644 index 0000000..41dcb97 --- /dev/null +++ b/.github/workflows/ansible-linting-check.yml @@ -0,0 +1,22 @@ +--- +name: Ansible Lint check + +# yamllint disable-line rule:truthy +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: Lint Ansible Playbook + uses: ansible/ansible-lint-action@master + with: + targets: "." + # [required] + # Paths to ansible files (i.e., playbooks, tasks, handlers etc..) + args: "" + # [optional] diff --git a/.github/workflows/yamllint.yaml b/.github/workflows/yamllint.yaml new file mode 100644 index 0000000..39c49f8 --- /dev/null +++ b/.github/workflows/yamllint.yaml 
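Review bot: Both `uses:` references in the new `.github/workflows/ansible-linting-check.yml` are mutable: `ansible/ansible-lint-action@master` follows a branch and `actions/checkout@v2` follows a movable tag, so whatever lands upstream runs in this repository's CI on every push and pull request. Pin each one to a full commit SHA, for example `uses: ansible/ansible-lint-action@<full-commit-sha>  # <release tag>`, and let an updater such as Dependabot propose the bumps. The same applies to `actions/checkout@master` and `karancode/yamllint-github-action@master` in `.github/workflows/yamllint.yaml`. Neither workflow declares `permissions:`, so the job token gets the repository default; a top-level `permissions:` block with `contents: read` would limit what a compromised action can do.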
@@ -0,0 +1,22 @@ +--- +name: 'Yamllint GitHub Actions' + +# yamllint disable-line rule:truthy +on: [push, pull_request] + +jobs: + yamllint: + name: 'Yamllint' + runs-on: ubuntu-latest + steps: + - name: 'Checkout' + uses: actions/checkout@master + - name: 'Yamllint' + uses: karancode/yamllint-github-action@master + with: + yamllint_file_or_dir: '.' + yamllint_config_filepath: './.yamllint' + yamllint_strict: false + yamllint_comment: true +# env: +# GITHUB_ACCESS_TOKEN: ${{ secrets.GITHUB_TOKEN } diff --git a/defaults/main.yml b/defaults/main.yml index c54b35f..c73e297 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -4,11 +4,14 @@ # set the ssh server port sshd__port: 22 - # ssh password authorisatuin (not recomended) + +# ssh password authorisatuin (not recomended) sshd__password_authentication: false - # should we disable not selected ssh key types? + +# should we disable not selected ssh key types? sshd__manage_key_types: true - # choose ssh server allowed key types + +# choose ssh server allowed key types sshd__key_types: - 'ed25519' # - 'rsa' @@ -56,17 +59,17 @@ sshd__macs: # - 'hmac-sha1' # Enable AllowUsers and AllowGroups options -sshd__restrict_users: True +sshd__restrict_users: true sshd__allowed_users: - "root" - "ansible" -sshd__restrict_groups: True +sshd__restrict_groups: true sshd__allowed_groups: - "root" - "admins" -sshd__xforwarding: True +sshd__xforwarding: true -sshd__state: present # use latest for upgrading +sshd__state: present # use latest for upgrading # perform simple version check for this role? (true is recomended) submodules_versioncheck: false diff --git a/handlers/main.yml b/handlers/main.yml index 2ebe567..4631e53 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,6 +1,6 @@ --- - name: systemctl restart ssh - become: yes + become: true ansible.builtin.systemd: name: "{{ sshd__service }}" state: restarted diff --git a/meta/main.yml b/meta/main.yml index 659d41a..bf1ce54 100644 --- a/meta/main.yml 
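Review bot: The commented-out `env:` block at the end of `.github/workflows/yamllint.yaml` contains an unbalanced expression, `${{ secrets.GITHUB_TOKEN }`, which will break as soon as someone uncomments it; it should read `${{ secrets.GITHUB_TOKEN }}`. `yamllint_comment: true` is set while that token stays disabled, so the action presumably cannot post its comment; either set `yamllint_comment: false` or wire the token up deliberately. If the token is enabled, it is handed to a third-party action tracked at `@master`, so pin that action to a commit SHA first.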
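Review bot: In the second `defaults/main.yml` hunk, `sshd__xforwarding: true` remains the role default, so every host that applies the role without overrides presumably gets X11 forwarding enabled (the template that consumes the variable is not part of this patch). A default of `sshd__xforwarding: false`, with opt-in per host, would be the safer baseline for a role that manages sshd hardening. `sshd__allowed_users` also lists `"root"` by default; a comment saying whether root login is otherwise restricted (key-only, or via `PermitRootLogin`) would help anyone auditing these defaults.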
+++ b/meta/main.yml @@ -1,25 +1,20 @@ --- galaxy_info: - author: L3D + role_name: sshd + author: do1jlr description: Manage your SSH Server - and deploy a good sshd configuration license: "MIT" - min_ansible_version: 2.3 - github_branch: master + min_ansible_version: 2.8 + github_branch: main platforms: - name: Archlinux versions: all - name: Debian - versions: - - stretch - - sid + versions: all - name: Ubuntu - versions: - - bionic - - cosmic + versions: all - name: Fedora - versions: - - 28 - - 29 + versions: all galaxy_tags: - ssh - sshd
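Review bot: `min_ansible_version: 2.8` in `meta/main.yml` is an unquoted scalar, so YAML loads it as a float rather than a version string; write `min_ansible_version: "2.8"`, which also avoids a later `2.10` silently becoming `2.1`. The stated minimum looks too low as well: the handler touched in this same patch calls `ansible.builtin.systemd`, and as far as I know Ansible 2.8 predates the `ansible.builtin` namespace, so confirm the oldest release the role really runs on and raise the value to match. Replacing the explicit release lists with `versions: all` also drops the record of which distribution releases were tested.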