diff --git a/inventory/desktops.yml b/inventory/desktops.yml
index a77073f..f8532be 100644
--- a/inventory/desktops.yml
+++ b/inventory/desktops.yml
@@ -7,24 +7,17 @@ desktops:
 ohm:
 vars:
- sshd:
- port: 22
+ sshd_port: 22
+ sshd_sign_host_keys: false
+ sshd_auth_password_authentication: "yes"
- auth:
- permit_root_login: "no"
- password_authentication: "yes"
- trusted_ca: true
-
- sign_host_keys: false
-
- flatpak:
- apps:
- - com.chatterino.chatterino
- - com.discordapp.Discord
- - com.spotify.Client
- # - net.ankiweb.Anki
- - org.gnome.DejaDup
- - org.mozilla.Thunderbird
- # - org.raspberrypi.rpi-imager
- - org.telegram.desktop
- # - org.x.Warpinator
+ flatpak_apps:
+ - com.chatterino.chatterino
+ - com.discordapp.Discord
+ - com.spotify.Client
+ # - net.ankiweb.Anki
+ - org.gnome.DejaDup
+ - org.mozilla.Thunderbird
+ # - org.raspberrypi.rpi-imager
+ - org.telegram.desktop
+ # - org.x.Warpinator
diff --git a/inventory/servers.yml b/inventory/servers.yml
index 0b20909..90c51e9 100644
--- a/inventory/servers.yml
+++ b/inventory/servers.yml
@@ -3,12 +3,4 @@ servers:
 hosts:
 poincare:
 maxwell:
- sshd:
- port: 6969
-
- auth:
- permit_root_login: "no"
- password_authentication: "no"
- trusted_ca: true
-
- sign_host_keys: true
+ sshd_port: 6969
diff --git a/roles/system/flatpak/defaults/main.yml b/roles/system/flatpak/defaults/main.yml
index 65a3fa2..0489ac3 100644
--- a/roles/system/flatpak/defaults/main.yml
+++ b/roles/system/flatpak/defaults/main.yml
@@ -1,3 +1,2 @@
 ---
-flatpak:
- apps: []
+flatpak_apps: []
diff --git a/roles/system/flatpak/tasks/main.yml b/roles/system/flatpak/tasks/main.yml
index 08bc744..75e5a0b 100644
--- a/roles/system/flatpak/tasks/main.yml
+++ b/roles/system/flatpak/tasks/main.yml
@@ -11,5 +11,5 @@
 community.general.packaging.os.flatpak:
 name: "{{ item }}"
 state: present
- loop: "{{ flatpak.apps }}"
- when: flatpak.apps
+ loop: "{{ flatpak_apps }}"
+ when: flatpak_apps
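Review bot: The three values left under `vars:` in `inventory/desktops.yml` all differ from the sshd role defaults (port 22, unsigned host keys, `sshd_auth_password_authentication: "yes"`), and nothing in the file says that they are deliberate overrides or why. With the nested `sshd:` map gone, `PermitRootLogin` and the trusted-CA setting for these hosts now come only from `roles/system/sshd/defaults/main.yml`, so a later edit to those defaults silently changes the desktops as well. I would add a comment above the overrides, for example `# Overrides of the sshd role defaults; root login and trusted CA are inherited from the role`. The `inventory/servers.yml` hunk has the same dependency: `maxwell` no longer states `password_authentication: "no"` and relies on the role default staying `"no"`.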
diff --git a/roles/system/sshd/defaults/main.yml b/roles/system/sshd/defaults/main.yml
index f353109..42abf2e 100644
--- a/roles/system/sshd/defaults/main.yml
+++ b/roles/system/sshd/defaults/main.yml
@@ -1,10 +1,7 @@
 ---
-sshd:
- port: 10022
+sshd_port: 10022
+sshd_sign_host_keys: true
- auth:
- permit_root_login: "no"
- password_authentication: "no"
- trusted_ca: true
-
- sign_host_keys: true
+sshd_auth_permit_root_login: "no"
+sshd_auth_password_authentication: "no"
+sshd_auth_trusted_ca: true
diff --git a/roles/system/sshd/tasks/main.yml b/roles/system/sshd/tasks/main.yml
index 24d3e5e..b9144d1 100644
--- a/roles/system/sshd/tasks/main.yml
+++ b/roles/system/sshd/tasks/main.yml
@@ -29,4 +29,4 @@
 - name: Set trusted CA
 ansible.builtin.include_tasks: trusted_ca.yml
- when: sshd.auth.trusted_ca
+ when: sshd_auth_trusted_ca
diff --git a/roles/system/sshd/templates/10-harden.conf b/roles/system/sshd/templates/10-harden.conf
index 9369da9..1b24217 100644
--- a/roles/system/sshd/templates/10-harden.conf
+++ b/roles/system/sshd/templates/10-harden.conf
@@ -1,6 +1,6 @@
 # Port
-Port {{ sshd.port }}
+Port {{ sshd_port }}
 # Auth
-PermitRootLogin {{ sshd.auth.permit_root_login }}
-PasswordAuthentication {{ sshd.auth.password_authentication }}
+PermitRootLogin {{ sshd_auth_permit_root_login }}
+PasswordAuthentication {{ sshd_auth_password_authentication }}
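Review bot: `sshd_sign_host_keys` is renamed in `roles/system/sshd/defaults/main.yml` and in the inventory, but no hunk in this diff updates a reader of the old `sshd.sign_host_keys`; the only consumer changed in `tasks/main.yml` is `when: sshd.auth.trusted_ca`. If a task file or playbook outside the shown hunks still tests `sshd.sign_host_keys`, it will now fail on an undefined `sshd` variable, so it is worth searching the repository for remaining `sshd.` and `flatpak.` references before merging. Separately, the defaults file would benefit from a comment on the two quoted values, for example `# sshd keywords: keep quoted, a bare yes/no is parsed as a boolean`.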
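Review bot: The `Port`, `PermitRootLogin` and `PasswordAuthentication` lines in `10-harden.conf` are rendered straight from variables with no check on their values, so an unquoted `no` in an inventory file reaches the drop-in as `False` rather than the `yes`/`no` form that sshd_config documents. Now that the variables are flat and easy to override per host, I would validate them before templating, for instance with an `ansible.builtin.assert` using `that: sshd_auth_password_authentication in ['yes', 'no']`, and put `validate: 'sshd -t -f %s'` on the template task if it does not already have one. The template task itself is outside this diff, so whether such a check already exists cannot be seen here.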