fix(idiom): prefix variables with rule path
Signed-off-by: Matej Focko <me@mfocko.xyz>
This commit is contained in:
parent
c83836b900
commit
dcc13e1558
8 changed files with 21 additions and 21 deletions
|
@ -7,11 +7,11 @@ desktops:
|
||||||
ohm:
|
ohm:
|
||||||
|
|
||||||
vars:
|
vars:
|
||||||
sshd_port: 22
|
system_sshd_port: 22
|
||||||
sshd_sign_host_keys: false
|
system_sshd_sign_host_keys: false
|
||||||
sshd_auth_password_authentication: "yes"
|
system_sshd_auth_password_authentication: "yes"
|
||||||
|
|
||||||
flatpak_apps:
|
system_flatpak_apps:
|
||||||
- "com.chatterino.chatterino/{{ ansible_architecture }}/stable"
|
- "com.chatterino.chatterino/{{ ansible_architecture }}/stable"
|
||||||
- com.discordapp.Discord
|
- com.discordapp.Discord
|
||||||
- com.spotify.Client
|
- com.spotify.Client
|
||||||
|
|
|
@ -3,4 +3,4 @@ servers:
|
||||||
hosts:
|
hosts:
|
||||||
poincare:
|
poincare:
|
||||||
maxwell:
|
maxwell:
|
||||||
sshd_port: 6969
|
system_sshd_port: 6969
|
||||||
|
|
|
@ -1,2 +1,2 @@
|
||||||
---
|
---
|
||||||
flatpak_apps: []
|
system_flatpak_apps: []
|
||||||
|
|
|
@ -11,6 +11,6 @@
|
||||||
community.general.flatpak:
|
community.general.flatpak:
|
||||||
name: "{{ item }}"
|
name: "{{ item }}"
|
||||||
state: present
|
state: present
|
||||||
loop: "{{ flatpak_apps }}"
|
loop: "{{ system_flatpak_apps }}"
|
||||||
become: true
|
become: true
|
||||||
when: flatpak_apps
|
when: system_flatpak_apps
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
---
|
---
|
||||||
sshd_port: 10022
|
system_sshd_port: 10022
|
||||||
sshd_sign_host_keys: true
|
system_sshd_sign_host_keys: true
|
||||||
|
|
||||||
sshd_auth_permit_root_login: "no"
|
system_sshd_auth_permit_root_login: "no"
|
||||||
sshd_auth_password_authentication: "no"
|
system_sshd_auth_password_authentication: "no"
|
||||||
sshd_auth_trusted_ca: true
|
system_sshd_auth_trusted_ca: true
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
- name: Restart SSH server
|
- name: Restart SSH server
|
||||||
ansible.builtin.service:
|
ansible.builtin.service:
|
||||||
name: "{{ sshd_unit }}"
|
name: "{{ system_sshd_unit }}"
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|
|
@ -5,17 +5,17 @@
|
||||||
|
|
||||||
- name: Set sshd systemd unit for Ubuntu
|
- name: Set sshd systemd unit for Ubuntu
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
sshd_unit: ssh
|
system_sshd_unit: ssh
|
||||||
when: ansible_distribution == "Ubuntu"
|
when: ansible_distribution == "Ubuntu"
|
||||||
|
|
||||||
- name: Set sshd systemd unit for co-Ubuntu
|
- name: Set sshd systemd unit for co-Ubuntu
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
sshd_unit: sshd
|
system_sshd_unit: sshd
|
||||||
when: ansible_distribution != "Ubuntu"
|
when: ansible_distribution != "Ubuntu"
|
||||||
|
|
||||||
- name: Enable SSH server
|
- name: Enable SSH server
|
||||||
ansible.builtin.service:
|
ansible.builtin.service:
|
||||||
name: "{{ sshd_unit }}"
|
name: "{{ system_sshd_unit }}"
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
||||||
- name: Harden the SSH config
|
- name: Harden the SSH config
|
||||||
|
@ -29,4 +29,4 @@
|
||||||
|
|
||||||
- name: Set trusted CA
|
- name: Set trusted CA
|
||||||
ansible.builtin.include_tasks: trusted_ca.yml
|
ansible.builtin.include_tasks: trusted_ca.yml
|
||||||
when: sshd_auth_trusted_ca
|
when: system_sshd_auth_trusted_ca
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# Port
|
# Port
|
||||||
Port {{ sshd_port }}
|
Port {{ system_sshd_port }}
|
||||||
|
|
||||||
# Auth
|
# Auth
|
||||||
PermitRootLogin {{ sshd_auth_permit_root_login }}
|
PermitRootLogin {{ system_sshd_auth_permit_root_login }}
|
||||||
PasswordAuthentication {{ sshd_auth_password_authentication }}
|
PasswordAuthentication {{ system_sshd_auth_password_authentication }}
|
||||||
|
|
Loading…
Reference in a new issue