mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-05-21 19:56:02 +02:00
sshd: remove support for custom ssh.d directory
The same drop-in functionality is now provided by the openssh package via /etc/ssh/sshd_config.d/.
This commit is contained in:
parent
ea4b833fa6
commit
404f8b3aae
|
@ -5,6 +5,5 @@ fail2ban_jails:
|
||||||
dovecot: false
|
dovecot: false
|
||||||
nginx_limit_req: true
|
nginx_limit_req: true
|
||||||
memcached_socket: "/run/memcached/aurweb.sock"
|
memcached_socket: "/run/memcached/aurweb.sock"
|
||||||
sshd_enable_includes: true
|
|
||||||
wireguard_address: 10.0.0.2
|
wireguard_address: 10.0.0.2
|
||||||
wireguard_public_key: TPLeGQ7qU6ZNtcgDbEV0SSYScvK+XS5igcPdGSXo6UA=
|
wireguard_public_key: TPLeGQ7qU6ZNtcgDbEV0SSYScvK+XS5igcPdGSXo6UA=
|
||||||
|
|
|
@ -8,4 +8,3 @@
|
||||||
- install_arch
|
- install_arch
|
||||||
vars:
|
vars:
|
||||||
- bootstrap_version: "latest"
|
- bootstrap_version: "latest"
|
||||||
- sshd_enable_includes: false
|
|
||||||
|
|
|
@ -317,7 +317,7 @@
|
||||||
become_user: "{{ aurweb_user }}"
|
become_user: "{{ aurweb_user }}"
|
||||||
|
|
||||||
- name: Configure sshd
|
- name: Configure sshd
|
||||||
template: src=aurweb_config.j2 dest={{ sshd_includes_dir }}/aurweb_config owner=root group=root mode=0600 validate='/usr/sbin/sshd -t -f %s'
|
template: src=aurweb_config.j2 dest=/etc/ssh/sshd_config.d/aurweb.conf owner=root group=root mode=0600 validate='/usr/sbin/sshd -t -f %s'
|
||||||
notify:
|
notify:
|
||||||
- Restart sshd
|
- Restart sshd
|
||||||
|
|
||||||
|
|
|
@ -1,2 +0,0 @@
|
||||||
sshd_includes_dir: '/etc/ssh/ssh.d'
|
|
||||||
sshd_enable_includes: false
|
|
|
@ -9,10 +9,6 @@
|
||||||
- name: Install motd
|
- name: Install motd
|
||||||
template: src=motd.j2 dest=/etc/motd owner=root group=root mode=0644
|
template: src=motd.j2 dest=/etc/motd owner=root group=root mode=0644
|
||||||
|
|
||||||
- name: Create the includes dir
|
|
||||||
file: path="{{ sshd_includes_dir }}" state=directory mode=0755
|
|
||||||
when: sshd_enable_includes
|
|
||||||
|
|
||||||
- name: Start and enable sshd
|
- name: Start and enable sshd
|
||||||
service: name=sshd enabled=yes state=started
|
service: name=sshd enabled=yes state=started
|
||||||
|
|
||||||
|
|
|
@ -117,10 +117,6 @@ Subsystem sftp /usr/lib/ssh/sftp-server
|
||||||
# unlink forwarded sockets; for gpg agent forwarding
|
# unlink forwarded sockets; for gpg agent forwarding
|
||||||
StreamLocalBindUnlink yes
|
StreamLocalBindUnlink yes
|
||||||
|
|
||||||
{% if sshd_enable_includes %}
|
|
||||||
Include {{ sshd_includes_dir }}/*
|
|
||||||
{% endif -%}
|
|
||||||
|
|
||||||
# Example of overriding settings on a per-user basis
|
# Example of overriding settings on a per-user basis
|
||||||
#Match User anoncvs
|
#Match User anoncvs
|
||||||
# X11Forwarding no
|
# X11Forwarding no
|
||||||
|
|
Loading…
Reference in New Issue