(Still in alpha stage. Not ready for production!)
Idempotent wrapper to role dev-sec.ssh-hardening with automatic fallback to default port 22.
- Make fallback code more resilient
- Proper tests (Molecule?)
- Submit to Galaxy
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
No specific variables. But it does use inventory variable ansible_port. Also, being a wrapper to dev-sec.ssh-hardening, all variables relevant to that role will be applied. Please refer to its documentation for more details.
It calls role dev-sec.ssh-hardening. When using this role, variable ssh_server_ports is not available since it will always be overwritten with the inventory variable ansible_port.
- hosts: servers
roles:
- role: nununo.ssh-hardening-fallback
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
- Author: Nuno Godinho
- Inspired by this post by: David Moreau Simard