Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Add basessh tag for consistency

Browse source 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
This commit is contained in:
Patrick Uiterwijk 2017-08-16 17:44:16 +00:00
parent aef0feda87
commit bfa06337cc
1 changed files with 13 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

13
roles/basessh/tasks/main.yml
View file

@ -5,6 +5,7 @@
check_mode: no check_mode: no
changed_when: false changed_when: false
tags: tags:
- basessh
- sshd_config - sshd_config
- config - config
- sshd - sshd
@ -15,6 +16,7 @@
command: semanage port -a -t ssh_port_t -p tcp {{ sshd_port }} command: semanage port -a -t ssh_port_t -p tcp {{ sshd_port }}
when: sshd_selinux_port.stdout.find('{{ sshd_port }}') == -1 when: sshd_selinux_port.stdout.find('{{ sshd_port }}') == -1
tags: tags:
- basessh
- sshd_config - sshd_config
- config - config
- sshd - sshd
@ -34,6 +36,7 @@
notify: notify:
- restart sshd - restart sshd
tags: tags:
- basessh
- sshd_config - sshd_config
- config - config
- sshd - sshd
@ -45,6 +48,7 @@
patterns="ssh_host_*_key" patterns="ssh_host_*_key"
register: ssh_key_files register: ssh_key_files
tags: tags:
- basessh
- sshd_cert - sshd_cert
- sshd_config - sshd_config
- config - config
@ -56,6 +60,7 @@
with_items: "{{ssh_key_files.files}}" with_items: "{{ssh_key_files.files}}"
register: ssh_cert_files register: ssh_cert_files
tags: tags:
- basessh
- sshd_cert - sshd_cert
- sshd_config - sshd_config
- config - config
@ -66,6 +71,7 @@
set_fact: set_fact:
certs_to_sign: "[]" certs_to_sign: "[]"
tags: tags:
- basessh
- sshd_cert - sshd_cert
- sshd_config - sshd_config
- config - config
@ -78,6 +84,7 @@
with_items: "{{ssh_cert_files.results}}" with_items: "{{ssh_cert_files.results}}"
when: not item.stat.exists when: not item.stat.exists
tags: tags:
- basessh
- sshd_cert - sshd_cert
- sshd_config - sshd_config
- config - config
@ -89,6 +96,7 @@
- set_fact: - set_fact:
pubkeydir: "/tmp/sshkeysign" pubkeydir: "/tmp/sshkeysign"
tags: tags:
- basessh
- sshd_cert - sshd_cert
- sshd_config - sshd_config
- config - config
@ -104,6 +112,7 @@
delegate_to: "batcave01.phx2.fedoraproject.org" delegate_to: "batcave01.phx2.fedoraproject.org"
run_once: true run_once: true
tags: tags:
- basessh
- sshd_cert - sshd_cert
- sshd_config - sshd_config
- config - config
@ -116,6 +125,7 @@
fail_on_missing=true fail_on_missing=true
with_items: "{{certs_to_sign}}" with_items: "{{certs_to_sign}}"
tags: tags:
- basessh
- sshd_cert - sshd_cert
- sshd_config - sshd_config
- config - config
@ -127,6 +137,7 @@
sign_hostnames: "{{ssh_hostnames}} + ['{{inventory_hostname}}']" sign_hostnames: "{{ssh_hostnames}} + ['{{inventory_hostname}}']"
sign_validity: "-1h:+52w" sign_validity: "-1h:+52w"
tags: tags:
- basessh
- sshd_cert - sshd_cert
- sshd_config - sshd_config
- config - config
@ -139,6 +150,7 @@
delegate_to: "batcave01.phx2.fedoraproject.org" delegate_to: "batcave01.phx2.fedoraproject.org"
with_items: "{{certs_to_sign}}" with_items: "{{certs_to_sign}}"
tags: tags:
- basessh
- sshd_cert - sshd_cert
- sshd_config - sshd_config
- config - config
@ -152,6 +164,7 @@
notify: notify:
- restart sshd - restart sshd
tags: tags:
- basessh
- sshd_cert - sshd_cert
- sshd_config - sshd_config
- config - config