evolix/ansible-roles
22
2
Fork 2
Code Issues 61 Pull requests 18 Releases 32 Wiki Activity
3582 commits 76 branches 56 tags 128 MiB
Commit graph

31 commits

Author SHA1 Message Date
Alexis Ben Miloud--Josselin 536d051890 Fix mode for files under /etc/ssh/sshd_config.d
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend |:-:|:-:|:-:|:-:|:-: |2621|5|2616|10|:+1: Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/322//ansiblelint">Evolix » ansible-roles » unstable #322</a>
Details
gitea/ansible-roles/pipeline/head This commit looks good
Details
2023-08-16 18:21:06 +02:00
Alexis Ben Miloud--Josselin 4a0d3a4965 Fix permitrootlogin condition 2023-08-16 15:25:07 +02:00
Alexis Ben Miloud--Josselin fbb0b73e3a Add permitrootlogin at beginning of file 2023-08-16 15:25:07 +02:00
Alexis Ben Miloud--Josselin 86978a8225 evolinux-users: Fix "disable root login" task 2023-08-16 15:25:07 +02:00
Alexis Ben Miloud--Josselin fc8105e84e evolinux-users: prepare SSH configuration for Debian 12 (wip) 2023-08-16 15:25:07 +02:00
Alexis Ben Miloud--Josselin eca2b5e4bf fqcn 2023-08-16 15:25:07 +02:00
Alexis Ben Miloud--Josselin ec34d8afe1 Move PermitRootLogin to another file 
Debian >= 12.
 2023-08-16 15:25:07 +02:00
Jérémy Lecour ee21973371 Use FQCN
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend |:-:|:-:|:-:|:-:|:-: |2777|524|2253|2462|:+1: Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/223//ansiblelint">Evolix » ansible-roles » unstable #223</a>
Details
gitea/ansible-roles/pipeline/head This commit looks good
Details 
Fully Qualified Collection Name
 2023-03-20 23:33:19 +01:00
Patrick Marchand 2c1ec040d1 Simplify user subset creation 
Instead of tags, allow only one subset of users to be created at a time.
 2022-08-24 09:05:29 -04:00
Patrick Marchand 9dfcfe1ef3 Made it possible to only create a subset of users
All checks were successful
gitea/ansible-roles/pipeline/head This commit looks good
Details 
The evolinux_users_create variable is a list of tags that defaults to ['active'].
Only the users that have one of the tags in the evolinux_users_create list will be created.
 2022-08-23 20:18:45 -04:00
Ludovic Poujol 519ef930df Update PermitRootLogin task to work on Debian 11
All checks were successful
continuous-integration/drone/push Build is passing
Details
2022-06-21 15:13:38 +02:00
Jérémy Lecour 2ed77c60f0 Improve Ansible syntax 
replace « x | changed » by « x is changed »
add explicit « bool » filter
use « length » filter instead of string comparison
 2021-05-09 23:06:42 +02:00
Jérémy Lecour 07fd6451e1 Use 'loop' syntax instead of 'with_dict' 2021-05-04 14:20:53 +02:00
Jérémy Lecour 7283e34077 Replace version_compare() with version() 2020-02-25 10:45:35 +01:00
Jérémy Lecour 79bb6103b8 Change "|version_compare" with "is version_compare" 2019-12-31 10:18:19 +01:00
Jérémy Lecour bc3b1182ea evolinux-users: default to AllowGroups (for SSH) in Debian 10 2018-04-20 10:25:14 +02:00
Jérémy Lecour 43d86f5541 evolinux-users: cover more cases for AllowUsers/Groups in sshd config 2018-04-18 18:21:09 +02:00
Jérémy Lecour 32c289d915 evolinux: improve case switching 
A case was missing : no AllowUsers/AllowGroups, on Debian 9
 2018-04-18 12:16:04 +02:00
Jérémy Lecour 2027420877 whitespaces 2018-04-18 12:16:04 +02:00
Jérémy Lecour f152ba66cd evolinux-users: regroup tasks 
1. create all accounts
2. configure sudo for everyone
3. configure ssh for everyone
 2018-04-18 12:16:04 +02:00
Jérémy Lecour e0ac7760f0 Use AllowGroups mode also if no AllowUsers is present at all 2018-04-18 12:16:04 +02:00
Jérémy Lecour 4fc58e4b1e evolinux-users: rename included files 2018-04-18 12:16:04 +02:00
Jérémy Lecour b01d9178d0 evolinux-users: split AllowGroups/AllowUsers modes 
If an AllowGroups directive is found or when using Debian 9+,
we use the AllowGroups directive and comment AllowUsers that may be
already present.
When adding a user, we make sure that the allowed group exists
and the use is in that group, to be sure that at least this user
is allowed to connect.

In other situations, we use the AllowUsers directive.
 2018-04-18 12:16:04 +02:00
Jérémy Lecour 8abed3e258 Use "command" instead of "shell" where possible 2018-04-04 23:36:00 +02:00
Jérémy Lecour c18b83d974 evolinux-users: deal with AllowGroups and AllowUsers differently 2018-02-08 15:29:53 +01:00
Jérémy Lecour 71cd04029c Insert "Match User" if missing (Jessie only) 2017-10-17 10:28:49 +02:00
Jérémy Lecour 8435ac192d evolinux-users: better detection of AllowUsers 2017-10-10 22:01:12 +02:00
Jérémy Lecour 13e1c0486b "egrep" is deprecated, use "grep -E" 2017-10-08 22:47:03 +02:00
Jérémy Lecour 8c1024c23c No need to add individual users, a group is enough 2017-10-08 14:23:21 +02:00
Jérémy Lecour f759b849a5 evolinux-users: install many ssh keys if needed 2017-10-06 01:06:59 +02:00
Jérémy Lecour 7b88393ccf Refactoring of admin-users + evolinux-base roles 
* rename admin-users to evolinux-users
* splitting the "sudo" part for users between jessie and stretch
* with stretch, the sudo group is customizable and properly configured
* import evolinux-users role from evolinux-base at proper time
  to ensure ssh connections are possible for other users before
  cutting root's access
* evomaintenance is also included in evolinux-base to have it available
  when users are created
 2017-10-06 01:06:59 +02:00
Renamed from admin-users/tasks/ssh.yml (Browse further)