diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index bc43ab5..70e6297 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -47,11 +47,11 @@ jobs:
 - distro: debian10
 - distro: debian11
 - distro: debian12
- - distro: ubuntu1604
- ansible-version: '>=2.10, <2.11'
- - distro: ubuntu1604
 - distro: ubuntu1804
+ ansible-version: '>=9, <10'
 - distro: ubuntu2004
+ - distro: ubuntu2204
+ - distro: ubuntu2404
 steps:
 - name: Check out the codebase
@@ -65,8 +65,8 @@ jobs:
 python-version: '3.x'
 - name: Install test dependencies
- run: pip install 'ansible${{ matrix.ansible-version }}' molecule-plugins[docker] docker
-
+ run: |
+ pip install 'ansible${{ matrix.ansible-version }}' molecule-plugins[docker] docker
 - name: Run Molecule tests
 run: |
 molecule test
diff --git a/Vagrantfile b/Vagrantfile
index 7f58430..e86d32d 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -4,13 +4,6 @@
 role = File.basename(File.expand_path(File.dirname(__FILE__)))
 boxes = [
- {
- :name => "ubuntu-1604",
- :box => "bento/ubuntu-16.04",
- :ip => '10.0.0.12',
- :cpu => "50",
- :ram => "256"
- },
 {
 :name => "ubuntu-1804",
 :box => "bento/ubuntu-18.04",
@@ -23,7 +16,21 @@ boxes = [
 :box => "bento/ubuntu-20.04",
 :ip => '10.0.0.14',
 :cpu => "50",
- :ram => "384"
+ :ram => "512"
+ },
+ {
+ :name => "ubuntu-2204",
+ :box => "bento/ubuntu-22.04",
+ :ip => '10.0.0.15',
+ :cpu => "50",
+ :ram => "512"
+ },
+ {
+ :name => "ubuntu-2404",
+ :box => "bento/ubuntu-24.04",
+ :ip => '10.0.0.16',
+ :cpu => "50",
+ :ram => "512"
 },
 {
 :name => "debian-10",
@@ -44,7 +51,7 @@ boxes = [
 :box => "bento/debian-12",
 :ip => '10.0.0.20',
 :cpu => "50",
- :ram => "256"
+ :ram => "384"
 },
 ]
diff --git a/meta/main.yml b/meta/main.yml
index 06edff7..c14a17f 100644
--- a/meta/main.yml
+++ b/meta/main.yml
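Review bot: In `.github/workflows/ci.yml`, the new `ansible-version: '>=9, <10'` cap on the `ubuntu1804` matrix entry has no comment saying why only this distro is capped, so a later matrix edit is likely to drop it or copy it blindly. A one-line comment above it would do, for example `# ubuntu1804: keep ansible below 10 (presumably for the target's older Python; confirm)`. Every other entry leaves `matrix.ansible-version` unset, so the install step in the second hunk resolves to an unbounded `pip install 'ansible'` next to the equally unbounded `molecule-plugins[docker]` and `docker`. If reproducible CI runs matter for this role, a pip constraints file would pin all three.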
@@ -1,9 +1,8 @@
 # meta file
 ---
 galaxy_info:
- namespace: oefenweb
+ author: oefenweb
 role_name: ssh_server
- author: Mischa ter Smitten
 company: Oefenweb.nl B.V.
 description: Set up an OpenSSH server in Debian-like systems
 license: MIT
@@ -11,9 +10,10 @@ galaxy_info:
 platforms:
 - name: Ubuntu
 versions:
- - xenial
 - bionic
 - focal
+ - jammy
+ - noble
 - name: Debian
 versions:
 - buster
diff --git a/molecule/default/collections.yml b/molecule/default/collections.yml
index c3d7e2a..1062b36 100644
--- a/molecule/default/collections.yml
+++ b/molecule/default/collections.yml
@@ -1,6 +1,2 @@
 ---
-collections:
- - name: community.docker
- version: '>=1.2.0,<2'
- - name: community.general
- version: '>=2,<3'
+collections: []
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
index 8841165..908aaf6 100644
--- a/molecule/default/molecule.yml
+++ b/molecule/default/molecule.yml
@@ -5,7 +5,7 @@ driver:
 name: docker
 platforms:
 - name: instance
- image: "geerlingguy/docker-${MOLECULE_DISTRO:-ubuntu1604}-ansible:latest"
+ image: "geerlingguy/docker-${MOLECULE_DISTRO:-ubuntu2004}-ansible:latest"
 command: ${MOLECULE_DOCKER_COMMAND:-""}
 volumes:
 - /sys/fs/cgroup:/sys/fs/cgroup:rw
diff --git a/tasks/main.yml b/tasks/main.yml
index d2cbacd..c02acbe 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,28 +1,5 @@
 # tasks file
 ---
-- name: get (current) version # noqa risky-shell-pipe
- ansible.builtin.shell: >
- dpkg-query -W -f='${Version}' openssh-server | awk -F':' '{print $2}' | awk -F'p' '{print $1}'
- register: _get_current_version
- changed_when: false
- failed_when: false
- tags:
- - configuration
- - ssh-server
- - ssh-server-version
- - ssh-server-version-get
-
-- name: set (current) version
- ansible.builtin.set_fact:
- ssh_server_version: "{{ _get_current_version.stdout | regex_search('^([0-9]+\\.[0-9]+\\.?[0-9]*)$') }}"
- changed_when: false
- check_mode: false
- tags:
- - configuration
- - ssh-server
- - ssh-server-version
- - ssh-server-version-set
-
 - name: install dependencies
 ansible.builtin.apt:
 name: "{{ ssh_server_dependencies }}"
@@ -57,10 +34,66 @@
 - ssh-server
 - ssh-server-check-host-keys
+- name: stat directories
+ ansible.builtin.stat:
+ path: "{{ item }}/"
+ register: _stat_directories
+ with_items:
+ - "{{ ssh_server_config_file | dirname }}"
+ - "{{ ssh_server_runtime_directory }}"
+ tags:
+ - configuration
+ - ssh-server
+ - ssh-server-configure
+ - ssh-server-configure-directories
+ - ssh-server-configure-directories-stat
+
+- name: create directories
+ ansible.builtin.file:
+ path: "{{ item.item }}"
+ state: directory
+ owner: root
+ group: root
+ mode: 0755
+ with_items: "{{ _stat_directories.results }}"
+ when:
+ - item.stat is defined
+ - not item.stat.exists
+ tags:
+ - configuration
+ - ssh-server
+ - ssh-server-configure
+ - ssh-server-configure-directories
+ - ssh-server-configure-directories-create
+
+- name: get (current) version # noqa risky-shell-pipe
+ ansible.builtin.shell: >
+ dpkg-query -W -f='${Version}' openssh-server | awk -F':' '{print $2}' | awk -F'p' '{print $1}'
+ register: _get_current_version
+ changed_when: false
+ check_mode: false
+ failed_when: "_get_current_version.rc != 0"
+ tags:
+ - configuration
+ - ssh-server
+ - ssh-server-version
+ - ssh-server-version-get
+
+- name: set (current) version
+ ansible.builtin.set_fact:
+ ssh_server_version: "{{ _get_current_version.stdout | regex_search('^([0-9]+\\.[0-9]+\\.?[0-9]*)$') }}"
+ changed_when: false
+ check_mode: false
+ tags:
+ - configuration
+ - ssh-server
+ - ssh-server-version
+ - ssh-server-version-set
+
 - name: update configuration file
 ansible.builtin.template:
- src: etc/ssh/sshd_config.j2
- dest: /etc/ssh/sshd_config
+ src: "{{ ssh_server_config_file.lstrip('/') }}.j2"
+ dest: "{{ ssh_server_config_file }}"
 owner: root
 group: root
 mode: 0644
@@ -69,7 +102,8 @@
 tags:
 - configuration
 - ssh-server
- - ssh-server-configuration
+ - ssh-server-configure
+ - ssh-server-configure-file
 - name: start and enable service
 ansible.builtin.service:
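Review bot: In the re-added `get (current) version` task of `tasks/main.yml`, the new `failed_when: "_get_current_version.rc != 0"` only sees the exit status of the last `awk`, because the pipeline runs without `pipefail` (the task keeps `# noqa risky-shell-pipe`), so a failing `dpkg-query` still ends with rc 0 and empty stdout. `regex_search` in the following `set (current) version` task then finds no match and `ssh_server_version` ends up empty, which the `update configuration file` task would consume silently if the template branches on the version (the template is not part of this diff). Checking the output as well closes the gap: `failed_when: _get_current_version.rc != 0 or _get_current_version.stdout | trim | length == 0`. Separately, the new `create directories` task writes `mode: 0755` unquoted; `mode: '0755'` keeps the value a string instead of relying on YAML's octal integer parse.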
diff --git a/vars/main.yml b/vars/main.yml
index 5c5e846..5427b57 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -2,3 +2,6 @@
 ---
 ssh_server_dependencies:
 - openssh-server
+
+ssh_server_config_file: /etc/ssh/sshd_config
+ssh_server_runtime_directory: /run/sshd