forked from linux-system-roles/ssh
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathtests_regenerate_defaults.yml
More file actions
53 lines (46 loc) · 1.61 KB
/
tests_regenerate_defaults.yml
File metadata and controls
53 lines (46 loc) · 1.61 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
---
- name: Regenerate default configuration file
hosts: all
gather_facts: true
vars:
__ssh_test_backup_files:
- /etc/ssh/ssh_config.d/00-ansible.conf
- /etc/ssh/ssh_config
tasks:
- name: RHEL6 does not support test mode for ssh
meta: end_host
when:
- ansible_facts['distribution'] in ['CentOS', 'RedHat'] and
ansible_facts['distribution_version'] | int < 7
# SUSE uses /usr/etc/ssh/ssh_config as vendor config with settings
# beyond what __ssh_defaults provides (ForwardX11Trusted, SendEnv,
# etc). The role cannot regenerate the vendor config identically,
# and should use drop-in configs on SUSE instead.
- name: SUSE vendor config cannot be regenerated by the role
meta: end_host
when:
- ansible_facts['os_family'] == 'Suse'
- name: Backup configuration files
include_tasks: tasks/backup.yml
- name: Record default values from configuration file
command: ssh -G localhost -F /etc/ssh/ssh_config
register: options_before
changed_when: false
- name: Truncate configuration file
file:
state: absent
path: /etc/ssh/ssh_config
- name: Run role
include_role:
name: linux-system-roles.ssh
vars:
ssh_config_file: /etc/ssh/ssh_config
ssh_skip_defaults: false
- name: Record values in new configuration file
command: ssh -G localhost -F /etc/ssh/ssh_config
register: options_after
changed_when: false
- name: Verify configuration is same
assert:
that:
- options_before.stdout == options_after.stdout