Skip to content

Commit

Permalink
Conditionally disable configuring SSHd; closed #4
Browse files Browse the repository at this point in the history
  • Loading branch information
@strebitz
strebitz committed Apr 28, 2020
1 parent b1cf7c5 commit 37aa7a3
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 0 deletions.
1 change: 1 addition & 0 deletions defaults/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,3 +7,4 @@ sftp_allow_passwords: False
sftp_enable_selinux_support: False
sftp_enable_logging: False
sftp_nologin_shell: /sbin/nologin
sftp_configure_sshd: true
2 changes: 2 additions & 0 deletions tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
line: "Subsystem sftp internal-sftp -f AUTH -l VERBOSE"
state: present
notify: SFTP-Server | Restart sshd
when: sftp_configure_sshd

- name: SFTP-Server | Ensure SELinux management package is present
package:
Expand Down Expand Up @@ -50,6 +51,7 @@
ForceCommand internal-sftp {{ sftp_enable_logging | ternary('-l VERBOSE', '') }} {{ (sftp_start_directory in sftp_directories) | ternary('-d /' + sftp_start_directory, '') }}
PasswordAuthentication {{ sftp_allow_passwords | ternary('yes', 'no') }}
notify: SFTP-Server | Restart sshd
when: sftp_configure_sshd

- name: SFTP-Server | Create sftp user's group
group:
Expand Down

0 comments on commit 37aa7a3

Please sign in to comment.