evolinux-base/evolinux-users: sort sshd_config files
This commit is contained in:
parent
d4ba733517
commit
83ce67d3da
3 changed files with 5 additions and 5 deletions
|
@ -66,7 +66,7 @@
|
|||
|
||||
- name: "Append user to existing AllowUsers sshd directive"
|
||||
ansible.builtin.replace:
|
||||
dest: "{{ grep_allowusers_ssh.stdout_lines[0] }}"
|
||||
dest: "{{ grep_allowusers_ssh.stdout_lines | sort | first }}"
|
||||
regexp: '^(AllowUsers ((?!{{ _logname.stdout }}).)*)$'
|
||||
replace: '\1 {{ _logname.stdout }}'
|
||||
validate: '/usr/sbin/sshd -t -f %s'
|
||||
|
@ -96,7 +96,7 @@
|
|||
|
||||
- name: "Append evolinux ssh group to AllowGroups sshd directive"
|
||||
ansible.builtin.replace:
|
||||
dest: "{{ grep_allowgroups_ssh.stdout_lines[0] }}"
|
||||
dest: "{{ grep_allowgroups_ssh.stdout_lines | sort | first }}"
|
||||
regexp: '^(AllowGroups ((?!{{ evolinux_ssh_group }}).)*)$'
|
||||
replace: '\1 {{ evolinux_ssh_group }}'
|
||||
validate: '/usr/sbin/sshd -t -f %s'
|
||||
|
|
|
@ -46,7 +46,7 @@
|
|||
|
||||
- name: "Append '{{ evolinux_ssh_group }}' to AllowGroups sshd directive"
|
||||
ansible.builtin.replace:
|
||||
dest: "{{ grep_allowgroups_ssh.stdout_lines[0] }}"
|
||||
dest: "{{ grep_allowgroups_ssh.stdout_lines | sort | first }}"
|
||||
regexp: '^(AllowGroups ((?!\b{{ evolinux_ssh_group }}\b).)*)$'
|
||||
replace: '\1 {{ evolinux_ssh_group }}'
|
||||
validate: '/usr/sbin/sshd -t -f %s'
|
||||
|
|
|
@ -45,7 +45,7 @@
|
|||
|
||||
- name: "Append '{{ user.name }}' to AllowUsers sshd directive"
|
||||
ansible.builtin.replace:
|
||||
dest: "{{ grep_allowusers_ssh.stdout_lines[0] }}"
|
||||
dest: "{{ grep_allowusers_ssh.stdout_lines | sort | first }}"
|
||||
regexp: '^(AllowUsers ((?!\b{{ user.name }}\b).)*)$'
|
||||
replace: '\1 {{ user.name }}'
|
||||
validate: '/usr/sbin/sshd -t -f %s'
|
||||
|
@ -74,7 +74,7 @@
|
|||
|
||||
- name: "Append '{{ user.name }}' to Match User's sshd directive (Debian <= 10)"
|
||||
ansible.builtin.replace:
|
||||
dest: "{{ grep_matchuser_ssh.stdout_lines[0] }}"
|
||||
dest: "{{ grep_matchuser_ssh.stdout_lines | sort | first }}"
|
||||
regexp: '^(Match User ((?!{{ user.name }}).)*)$'
|
||||
replace: '\1,{{ user.name }}'
|
||||
validate: '/usr/sbin/sshd -t -f %s'
|
||||
|
|
Loading…
Reference in a new issue