ssh

2014-12-13 19:52:56 +01:00 · 2014-12-13 19:52:56 +01:00 · f2844607f3
commit f2844607f3
parent 4120ca752b
4 changed files with 19 additions and 3 deletions
--- a/roles/container/files/link-ptmx.service
+++ b/roles/container/files/link-ptmx.service
@ -0,0 +1,7 @@
+[Unit]
+Description=Symlink /dev/ptmx for interactive logins
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/bin/ln -s /dev/pts/ptmx /dev/ptmx
--- a/roles/container/tasks/ssh.yml
+++ b/roles/container/tasks/ssh.yml
@ -1,10 +1,13 @@
 - name: install openssh
  pacman: name=openssh state=present
 - name: Write sshd_config
-  copy: src=sshd_config dest=/etc/ssh/sshd_config mode=0644
+  template: src=sshd_config.j2 dest=/etc/ssh/sshd_config mode=0644
 - name: symlink /dev/pts/ptmx to /dev/ptmx for sshd pty
  file: src=/dev/pts/ptmx dest=/dev/ptmx state=link
- name: tmpfiles.d/ptmx.conf
-  copy: src=ptmx.conf dest=/etc/tmpfiles.d/ptmx.conf mode=0644
+- name: create link-ptmx.service
+  copy: src=link-ptmx.service dest=/etc/systemd/system/link-ptmx.service mode=0644
+- name: enable link-ptmx.service
+  file: src=/etc/systemd/system/link-ptmx.service dest=/etc/systemd/system/multi-user.target.wants/link-ptmx.service state=link
+
 - name: start sshd.socket
  service: name=sshd.socket state=started enabled=yes
--- a/roles/container/templates/sshd_config.j2
+++ b/roles/container/templates/sshd_config.j2
@ -1,6 +1,11 @@
 Port 22

+{% if ssh_ldap %}
+AuthorizedKeysCommand /usr/lib/openssh-ldap-helper/openssh-ldap-helper
+AuthorizedKeysCommandUser root
+{% else %}
 AuthorizedKeysFile	.ssh/authorized_keys
+{% endif %}

 PasswordAuthentication no
 ChallengeResponseAuthentication no
--- a/roles/php/defaults/main.yml
+++ b/roles/php/defaults/main.yml
@ -1 +1,2 @@
 php_extensions: []
+ssh_ldap: false