2018-12-17 12:50:15 +00:00
|
|
|
---
|
|
|
|
|
- name: wrapper playbook for kitchen testing "ansible-ssh-hardening" with default settings
|
|
|
|
|
hosts: localhost
|
|
|
|
|
pre_tasks:
|
2020-05-15 20:41:39 +00:00
|
|
|
- name: use python3
|
|
|
|
|
set_fact:
|
|
|
|
|
ansible_python_interpreter: /usr/bin/python3
|
|
|
|
|
when: ansible_facts.distribution == 'Fedora'
|
|
|
|
|
|
|
|
|
|
- package: name="{{ packages }}" state=present
|
|
|
|
|
vars:
|
|
|
|
|
packages:
|
|
|
|
|
- openssh-clients
|
|
|
|
|
- openssh-server
|
|
|
|
|
- libselinux-python
|
2018-12-17 12:50:15 +00:00
|
|
|
ignore_errors: true
|
2020-05-15 20:41:39 +00:00
|
|
|
- apt: name="{{packages}}" state=present update_cache=true
|
|
|
|
|
vars:
|
|
|
|
|
packages:
|
|
|
|
|
- "openssh-client"
|
|
|
|
|
- "openssh-server"
|
2018-12-17 12:50:15 +00:00
|
|
|
ignore_errors: true
|
|
|
|
|
- file: path="/var/run/sshd" state=directory
|
|
|
|
|
- name: create ssh host keys
|
|
|
|
|
command: "ssh-keygen -A"
|
2020-05-15 20:41:39 +00:00
|
|
|
when: not ((ansible_facts.os_family in ['Oracle Linux', 'RedHat']) and ansible_facts.distribution_major_version < '7') or
|
|
|
|
|
ansible_facts.distribution == "Fedora" or
|
|
|
|
|
ansible_facts.distribution == "Amazon"
|
2018-12-17 12:50:15 +00:00
|
|
|
|
|
|
|
|
roles:
|
|
|
|
|
- ansible-ssh-hardening
|
