54 lines
1.3 KiB
YAML
54 lines
1.3 KiB
YAML
---
|
|
- name: wrapper playbook for kitchen testing "ansible-ssh-hardening" with default settings
|
|
hosts: localhost
|
|
pre_tasks:
|
|
- name: use python3
|
|
set_fact:
|
|
ansible_python_interpreter: /usr/bin/python3
|
|
when: ansible_facts.distribution == 'Fedora'
|
|
|
|
- yum:
|
|
name:
|
|
- openssh-clients
|
|
- openssh-server
|
|
- libselinux-python
|
|
state: present
|
|
update_cache: true
|
|
ignore_errors: true
|
|
|
|
- dnf:
|
|
name:
|
|
- openssh-clients
|
|
- openssh-server
|
|
- procps-ng
|
|
state: present
|
|
update_cache: true
|
|
ignore_errors: true
|
|
|
|
- apt:
|
|
name:
|
|
- openssh-client
|
|
- openssh-server
|
|
state: present
|
|
update_cache: true
|
|
ignore_errors: true
|
|
|
|
- file:
|
|
path: "/var/run/sshd"
|
|
state: directory
|
|
|
|
- pacman:
|
|
name:
|
|
- "openssh"
|
|
- "awk"
|
|
state: present
|
|
update_cache: true
|
|
ignore_errors: true
|
|
|
|
- name: create ssh host keys
|
|
command: "ssh-keygen -A"
|
|
when: not ((ansible_facts.os_family in ['Oracle Linux', 'RedHat']) and ansible_facts.distribution_major_version < '7') or
|
|
ansible_facts.distribution == "Fedora" or
|
|
ansible_facts.distribution == "Amazon"
|
|
roles:
|
|
- ansible-ssh-hardening
|