sys_mailer_defaultdomain (default localdomain) and sshd_accept_env (default []) implemented.
This commit is contained in:
parent
b02c627cc6
commit
f5d6b7521a
3 changed files with 6 additions and 1 deletions
|
@ -3,12 +3,14 @@ has_hwrng: '{{ansible_virtualization_role != "guest" and ansible_lo
|
||||||
is_virt_guest: '{{ansible_virtualization_role == "guest"}}'
|
is_virt_guest: '{{ansible_virtualization_role == "guest"}}'
|
||||||
is_container: '{{ansible_virtualization_role == "guest" and ansible_virtualization_type == "lxc"}}'
|
is_container: '{{ansible_virtualization_role == "guest" and ansible_virtualization_type == "lxc"}}'
|
||||||
sys_default_users: []
|
sys_default_users: []
|
||||||
|
sys_mailer_defaultdomain: 'localdomain'
|
||||||
sshd_permit_root_login: 'prohibit-password'
|
sshd_permit_root_login: 'prohibit-password'
|
||||||
sshd_ciphers: 'chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr'
|
sshd_ciphers: 'chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr'
|
||||||
sshd_macs: 'hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com'
|
sshd_macs: 'hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com'
|
||||||
sshd_kex_algorithms: 'sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256'
|
sshd_kex_algorithms: 'sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256'
|
||||||
sshd_kerberos_authentication: 'no'
|
sshd_kerberos_authentication: 'no'
|
||||||
sshd_gssapi_authentication: 'no'
|
sshd_gssapi_authentication: 'no'
|
||||||
|
sshd_accept_env: []
|
||||||
sshd_host_keys:
|
sshd_host_keys:
|
||||||
- '/etc/ssh/ssh_host_ed25519_key'
|
- '/etc/ssh/ssh_host_ed25519_key'
|
||||||
sshd_pubkey_authentication: 'yes'
|
sshd_pubkey_authentication: 'yes'
|
||||||
|
|
|
@ -231,7 +231,7 @@
|
||||||
when: "mailer.changed"
|
when: "mailer.changed"
|
||||||
copy:
|
copy:
|
||||||
dest: /etc/nullmailer/defaultdomain
|
dest: /etc/nullmailer/defaultdomain
|
||||||
content: 'denkn.at'
|
content: '{{sys_mailer_defaultdomain}}'
|
||||||
owner: root
|
owner: root
|
||||||
group: mail
|
group: mail
|
||||||
mode: 0640
|
mode: 0640
|
||||||
|
|
|
@ -12,6 +12,9 @@ TCPKeepAlive yes
|
||||||
Ciphers {{sshd_ciphers_}}
|
Ciphers {{sshd_ciphers_}}
|
||||||
MACs {{sshd_macs_}}
|
MACs {{sshd_macs_}}
|
||||||
KexAlgorithms {{sshd_kex_algorithms_}}
|
KexAlgorithms {{sshd_kex_algorithms_}}
|
||||||
|
{%for k in sshd_accept_env%}
|
||||||
|
AcceptEnv {{k}}
|
||||||
|
{%endfor%}
|
||||||
{%for k in sshd_host_keys%}
|
{%for k in sshd_host_keys%}
|
||||||
HostKey {{k}}
|
HostKey {{k}}
|
||||||
{%endfor%}
|
{%endfor%}
|
||||||
|
|
Loading…
Add table
Reference in a new issue