summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--roles/sshd/tasks/main.yml7
-rw-r--r--subplot.subplot3
2 files changed, 9 insertions, 1 deletions
diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml
index d5ce5c2..66f9103 100644
--- a/roles/sshd/tasks/main.yml
+++ b/roles/sshd/tasks/main.yml
@@ -3,11 +3,18 @@
[ "{{ sshd_version }}" = "1" ] || \
(echo "Unexpected version {{ sshd_version }}" 1>&2; exit 1)
+- name: "sshd role configuration sanity check"
+ when: not sshd_allow_authorized_keys and sshd_user_ca_pub is not defined
+ shell: |
+ echo "You MUST define sshd_allow_authorized_keys OR sshd_user_ca_pub"
+ exit 1
+
- name: "Configure SSH server to read config files in sshd_config.d"
lineinfile:
path: /etc/ssh/sshd_config
regexp: "Include /etc/ssh/sshd_config.d"
line: "Include /etc/ssh/sshd_config.d/*.conf"
+ insertbefore: BOF
- name: "Set SSH host identity"
when: sshd_host_key is defined and sshd_host_cert is defined
diff --git a/subplot.subplot b/subplot.subplot
index 7cc234d..5d8083f 100644
--- a/subplot.subplot
+++ b/subplot.subplot
@@ -1,5 +1,6 @@
title: "debian-ansible—Ansible roles for Debian systems"
-author: Lars Wirzenius
+authors:
+ - Lars Wirzenius
markdowns:
- subplot.md
bindings: