evolinux-base/evolinux-users: sort sshd_config files

This commit is contained in:
Jérémy Lecour 2024-08-23 17:50:18 +02:00 committed by Jérémy Lecour
parent d4ba733517
commit 83ce67d3da
Signed by: jlecour
SSH key fingerprint: SHA256:h+5LgHRKwN9lS0SsdVR5yZPeFlJE4Mt+8UtL4CcP8dY
3 changed files with 5 additions and 5 deletions

View file

@ -66,7 +66,7 @@
- name: "Append user to existing AllowUsers sshd directive"
ansible.builtin.replace:
dest: "{{ grep_allowusers_ssh.stdout_lines[0] }}"
dest: "{{ grep_allowusers_ssh.stdout_lines | sort | first }}"
regexp: '^(AllowUsers ((?!{{ _logname.stdout }}).)*)$'
replace: '\1 {{ _logname.stdout }}'
validate: '/usr/sbin/sshd -t -f %s'
@ -96,7 +96,7 @@
- name: "Append evolinux ssh group to AllowGroups sshd directive"
ansible.builtin.replace:
dest: "{{ grep_allowgroups_ssh.stdout_lines[0] }}"
dest: "{{ grep_allowgroups_ssh.stdout_lines | sort | first }}"
regexp: '^(AllowGroups ((?!{{ evolinux_ssh_group }}).)*)$'
replace: '\1 {{ evolinux_ssh_group }}'
validate: '/usr/sbin/sshd -t -f %s'

View file

@ -46,7 +46,7 @@
- name: "Append '{{ evolinux_ssh_group }}' to AllowGroups sshd directive"
ansible.builtin.replace:
dest: "{{ grep_allowgroups_ssh.stdout_lines[0] }}"
dest: "{{ grep_allowgroups_ssh.stdout_lines | sort | first }}"
regexp: '^(AllowGroups ((?!\b{{ evolinux_ssh_group }}\b).)*)$'
replace: '\1 {{ evolinux_ssh_group }}'
validate: '/usr/sbin/sshd -t -f %s'

View file

@ -45,7 +45,7 @@
- name: "Append '{{ user.name }}' to AllowUsers sshd directive"
ansible.builtin.replace:
dest: "{{ grep_allowusers_ssh.stdout_lines[0] }}"
dest: "{{ grep_allowusers_ssh.stdout_lines | sort | first }}"
regexp: '^(AllowUsers ((?!\b{{ user.name }}\b).)*)$'
replace: '\1 {{ user.name }}'
validate: '/usr/sbin/sshd -t -f %s'
@ -74,7 +74,7 @@
- name: "Append '{{ user.name }}' to Match User's sshd directive (Debian <= 10)"
ansible.builtin.replace:
dest: "{{ grep_matchuser_ssh.stdout_lines[0] }}"
dest: "{{ grep_matchuser_ssh.stdout_lines | sort | first }}"
regexp: '^(Match User ((?!{{ user.name }}).)*)$'
replace: '\1,{{ user.name }}'
validate: '/usr/sbin/sshd -t -f %s'