archf.openssh-server
ansible-openssh-server
A role to install and configure openssh-server on a target host.
Ansible requirements
Ansible version
Minimum required ansible version is 2.0.
Ansible role dependencies
None.
Installation
Install with Ansible Galaxy
ansible-galaxy install archf.openssh-server
Basic usage is:
- hosts: all
roles:
- role: archf.openssh-server
Install with git
If you do not want a global installation, clone it into your roles_path.
git clone [email protected]:archf/ansible-openssh-server.git /path/to/roles_path
But I often add it as a submdule in a given playbook_dir repository.
git submodule add [email protected]:archf/ansible-openssh-server.git <playbook_dir>/roles/openssh-server
As the role is not managed by Ansible Galaxy, you do not have to specify the github user account.
Basic usage is:
- hosts: all
roles:
- role: openssh-server
User Guide
Configure the sshd daemon using one of the variables below:
sshd_Port: 22
sshd_PermitRootLogin: 'yes'
sshd_ChallengeResponseAuthentication: 'no'
sshd_GSSAPICleanupCredentials: 'no'
sshd_X11Forwarding: 'yes'
sshd_ClientAliveInterval: 0
sshd_ClientAliveCountMax: 3
sshd_PasswordAuthentication: 'yes'
sshd_Banner: 'none'
Role Variables
Variables are divided in three types.
The default vars section shows you which variables you may override in your ansible inventory. As a matter of fact, all variables should be defined there for explicitness, ease of documentation as well as overall role manageability.
The mandatory variables section contains variables that for several reasons do not fit into the default variables. As name implies, they must absolutely be defined in the inventory or else the role will fail. It is a good thing to avoid reach for these as much as possible and/or design the role with clear behavior when they're undefined.
The context variables are shown in section below hint you on how runtime context may affects role execution.
Default vars
Role default variables from defaults/main.yml.
# Currently supported settings are those grouped in the hash below. To override
# a setting, create a key in your inventory and prefix it by `sshd_`. Casing
# must be preserved and is the same as per the 'sshd_config' manual. For
# example, to disable 'PasswordAuthentication', your would add the following key
# in Ansible inventory variables: sshd_PasswordAuthentication: 'no'
sshd_defaults:
Port: 22
PermitRootLogin: 'yes'
ChallengeResponseAuthentication: 'no'
GSSAPICleanupCredentials: 'no'
X11Forwarding: 'yes'
ClientAliveInterval: 0
ClientAliveCountMax: 3
PasswordAuthentication: 'yes'
Banner: 'none'
Mandatory variables
None.
Context variables
Those variables from vars/*.{yml,json} are loaded dynamically during task
runtime using the include_vars module.
Variables loaded from vars/Debian.yml.
sshd_service_name: ssh
sshd_packages:
- openssh-server
Variables loaded from vars/RedHat.yml.
sshd_service_name: sshd
sshd_packages:
- openssh-server
License
MIT.
Author Information
Felix Archambault.
Please do not edit this file. This role README.md was generated using the
'ansidoc' python tool available on pypi!
Installation:
pip3 install ansidoc
Basic usage:
Validate output by running a dry-run (will output result to stdout)
ansidoc --dry-run <rolepath>
Generate you role readme file. Will write a README.md file under
<rolepath>/README.md.
ansidoc <rolepath>
Also usable programatically from Sphinx.
ansible-galaxy install archf.openssh-server