Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/archf/ansible-openssh-server

Ansible role to configure sshd on a remote host
https://github.com/archf/ansible-openssh-server

ansible role sshd

Last synced: 11 months ago
JSON representation

Ansible role to configure sshd on a remote host

Awesome Lists containing this project

README 

          
# ansible-openssh-server



A role to install and configure openssh-server on a target host.



## Ansible requirements



### Ansible version



Minimum required ansible version is 2.0.



### Ansible role dependencies



None.



## Installation



### Install with Ansible Galaxy



```shell

ansible-galaxy install archf.openssh-server

```



Basic usage is:



```yaml

- hosts: all

  roles:

    - role: archf.openssh-server

```



### Install with git



If you do not want a global installation, clone it into your `roles_path`.



```shell

git clone git@github.com:archf/ansible-openssh-server.git /path/to/roles_path

```



But I often add it as a submdule in a given `playbook_dir` repository.



```shell

git submodule add git@github.com:archf/ansible-openssh-server.git /roles/openssh-server

```



As the role is not managed by Ansible Galaxy, you do not have to specify the

github user account.



Basic usage is:



```yaml

- hosts: all

  roles:

  - role: openssh-server

```

## User Guide



Configure the sshd daemon using one of the variables below:



```yaml

sshd_Port: 22

sshd_PermitRootLogin: 'yes'

sshd_ChallengeResponseAuthentication: 'no'

sshd_GSSAPICleanupCredentials: 'no'

sshd_X11Forwarding: 'yes'

sshd_ClientAliveInterval: 0

sshd_ClientAliveCountMax: 3

sshd_PasswordAuthentication: 'yes'

sshd_Banner: 'none'

```



## Role Variables



Variables are divided in three types.



The [default vars](#default-vars) section shows you which variables you may

override in your ansible inventory. As a matter of fact, all variables should

be defined there for explicitness, ease of documentation as well as overall

role manageability.



The [mandatory variables](#mandatory-variables) section contains variables that

for several reasons do not fit into the default variables. As name implies,

they must absolutely be defined in the inventory or else the role will

fail. It is a good thing to avoid reach for these as much as possible and/or

design the role with clear behavior when they're undefined.



The [context variables](#context-variables) are shown in section below hint you

on how runtime context may affects role execution.



### Default vars



Role default variables from `defaults/main.yml`.



```yaml

# Currently supported settings are those grouped in the hash below. To override

# a setting, create a key in your inventory and prefix it by `sshd_`. Casing

# must be preserved and is the same as per the 'sshd_config' manual. For

# example, to disable 'PasswordAuthentication', your would add the following key

# in Ansible inventory variables: sshd_PasswordAuthentication: 'no'

sshd_defaults:

  Port: 22

  PermitRootLogin: 'yes'

  ChallengeResponseAuthentication: 'no'

  GSSAPICleanupCredentials: 'no'

  X11Forwarding: 'yes'

  ClientAliveInterval: 0

  ClientAliveCountMax: 3

  PasswordAuthentication: 'yes'

  Banner: 'none'



```



### Mandatory variables



None.



### Context variables



Those variables from `vars/*.{yml,json}` are loaded dynamically during task

runtime using the `include_vars` module.



Variables loaded from `vars/Debian.yml`.



```yaml

sshd_service_name: ssh



sshd_packages:

  - openssh-server



```



Variables loaded from `vars/RedHat.yml`.



```yaml

sshd_service_name: sshd



sshd_packages:

  - openssh-server



```



## License



MIT.



## Author Information



Felix Archambault.



---

Please do not edit this file. This role `README.md` was generated using the

'ansidoc' python tool available on pypi!



*Installation:*



```shell

pip3 install ansidoc

```



*Basic usage:*



Validate output by running a dry-run (will output result to stdout)

```shell

ansidoc --dry-run 

```



Generate you role readme file. Will write a `README.md` file under

`/README.md`.

```shell

ansidoc 

```



Also usable programatically from Sphinx.