mirror/infrastructure
1
1
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2024-09-20 01:21:36 +02:00
Code Issues

Enable the sshd role in playbooks/all-hosts-basic

Browse Source 
Move the 'sshd_enable_includes' override to aur's host vars instead of
specifying it as part of playbooks/aur.archlinux.org. Otherwise, would
break the AUR's SSH auth if ssh.d/aurweb_config does not get included.
This commit is contained in:
Evangelos Foutras 2022-10-14 19:53:04 +03:00
parent 6485d482d5
commit 9f3149d00e
No known key found for this signature in database
GPG Key ID: 51E8B148A9999C34
3 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
host_vars/aur.archlinux.org/misc
View File

@ -1,4 +1,5 @@
filesystem: btrfs
memcached_socket: "/run/memcached/aurweb.sock"
sshd_enable_includes: true
wireguard_address: 10.0.0.2
wireguard_public_key: TPLeGQ7qU6ZNtcgDbEV0SSYScvK+XS5igcPdGSXo6UA=

3
playbooks/all-hosts-basic.yml
View File

@ -5,8 +5,7 @@
- { role: common }
- { role: firewalld }
- { role: wireguard }
# reconfiguring sshd may break the AUR on luna (unchecked)
# - { role: sshd, tags: ['sshd'] }
- { role: sshd }
- { role: root_ssh }
- { role: borg_client, tags: ["borg"], when: "'borg_clients' in group_names" }
- { role: hardening }

2
playbooks/aur.archlinux.org.yml
View File

@ -3,7 +3,7 @@
remote_user: root
roles:
- { role: common }
- { role: sshd, sshd_enable_includes: true }
- { role: sshd }
- { role: root_ssh }
- { role: prometheus_exporters }
- { role: promtail }