mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-06-02 09:36:03 +02:00
roles/aurweb: Change aurweb role to support sshd includes
Added support for the aurweb role to the new openssh include mechanism, that's baked into our sshd role.
This commit is contained in:
parent
6c489c9bfc
commit
e70ab6ce45
|
@ -6,7 +6,7 @@
|
|||
roles:
|
||||
- { role: common }
|
||||
- { role: tools }
|
||||
- { role: sshd }
|
||||
- { role: sshd, sshd_enable_includes: true }
|
||||
- { role: root_ssh }
|
||||
- { role: certbot }
|
||||
- { role: nginx }
|
||||
|
|
|
@ -245,6 +245,6 @@
|
|||
- aurweb-tuvotereminder.timer
|
||||
|
||||
- name: configure sshd
|
||||
template: src=sshd_config.j2 dest=/etc/ssh/sshd_config owner=root group=root mode=0644 validate='/usr/sbin/sshd -t -f %s'
|
||||
template: src=aurweb_config.j2 dest={{ sshd_includes_dir }}/aurweb_config owner=root group=root mode=0600 validate='/usr/sbin/sshd -t -f %s'
|
||||
notify:
|
||||
- restart sshd
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
Match User {{ aurweb_user }}
|
||||
PasswordAuthentication no
|
||||
AuthorizedKeysCommand /usr/local/bin/aurweb-git-auth "%t" "%k"
|
||||
AuthorizedKeysCommandUser {{ aurweb_user }}
|
||||
AcceptEnv AUR_OVERWRITE
|
Loading…
Reference in New Issue