1
0
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_sshd.git synced 2024-08-16 11:59:49 +02:00

start adding github actions and improve meta

This commit is contained in:
L3D 2021-03-11 00:17:05 +01:00
parent 1c2dc323e7
commit d09093a3fd
Signed by: l3d
GPG key ID: CD08445BFF4313D1
7 changed files with 64 additions and 21 deletions

1
.cache/roles/do1jlr.sshd Symbolic link
View file

@ -0,0 +1 @@
../..

2
.github/FUNDING.yml vendored
View file

@ -1,4 +1,4 @@
# These are supported funding model platforms ---
github: [do1jlr] github: [do1jlr]
liberapay: L3D liberapay: L3D

View file

@ -0,0 +1,22 @@
---
name: Ansible Lint check
# yamllint disable-line rule:truthy
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Lint Ansible Playbook
uses: ansible/ansible-lint-action@master
with:
targets: "."
# [required]
# Paths to ansible files (i.e., playbooks, tasks, handlers etc..)
args: ""
# [optional]

22
.github/workflows/yamllint.yaml vendored Normal file
View file

@ -0,0 +1,22 @@
---
name: 'Yamllint GitHub Actions'
# yamllint disable-line rule:truthy
on: [push, pull_request]
jobs:
yamllint:
name: 'Yamllint'
runs-on: ubuntu-latest
steps:
- name: 'Checkout'
uses: actions/checkout@master
- name: 'Yamllint'
uses: karancode/yamllint-github-action@master
with:
yamllint_file_or_dir: '.'
yamllint_config_filepath: './.yamllint'
yamllint_strict: false
yamllint_comment: true
# env:
# GITHUB_ACCESS_TOKEN: ${{ secrets.GITHUB_TOKEN }

View file

@ -4,11 +4,14 @@
# set the ssh server port # set the ssh server port
sshd__port: 22 sshd__port: 22
# ssh password authorisatuin (not recomended)
# ssh password authorisatuin (not recomended)
sshd__password_authentication: false sshd__password_authentication: false
# should we disable not selected ssh key types?
# should we disable not selected ssh key types?
sshd__manage_key_types: true sshd__manage_key_types: true
# choose ssh server allowed key types
# choose ssh server allowed key types
sshd__key_types: sshd__key_types:
- 'ed25519' - 'ed25519'
# - 'rsa' # - 'rsa'
@ -56,15 +59,15 @@ sshd__macs:
# - 'hmac-sha1' # - 'hmac-sha1'
# Enable AllowUsers and AllowGroups options # Enable AllowUsers and AllowGroups options
sshd__restrict_users: True sshd__restrict_users: true
sshd__allowed_users: sshd__allowed_users:
- "root" - "root"
- "ansible" - "ansible"
sshd__restrict_groups: True sshd__restrict_groups: true
sshd__allowed_groups: sshd__allowed_groups:
- "root" - "root"
- "admins" - "admins"
sshd__xforwarding: True sshd__xforwarding: true
sshd__state: present # use latest for upgrading sshd__state: present # use latest for upgrading

View file

@ -1,6 +1,6 @@
--- ---
- name: systemctl restart ssh - name: systemctl restart ssh
become: yes become: true
ansible.builtin.systemd: ansible.builtin.systemd:
name: "{{ sshd__service }}" name: "{{ sshd__service }}"
state: restarted state: restarted

View file

@ -1,25 +1,20 @@
--- ---
galaxy_info: galaxy_info:
author: L3D role_name: sshd
author: do1jlr
description: Manage your SSH Server - and deploy a good sshd configuration description: Manage your SSH Server - and deploy a good sshd configuration
license: "MIT" license: "MIT"
min_ansible_version: 2.3 min_ansible_version: 2.8
github_branch: master github_branch: main
platforms: platforms:
- name: Archlinux - name: Archlinux
versions: all versions: all
- name: Debian - name: Debian
versions: versions: all
- stretch
- sid
- name: Ubuntu - name: Ubuntu
versions: versions: all
- bionic
- cosmic
- name: Fedora - name: Fedora
versions: versions: all
- 28
- 29
galaxy_tags: galaxy_tags:
- ssh - ssh
- sshd - sshd