Compare commits
2 commits
8ff70bfaad
...
e0da502c59
| Author | SHA1 | Date | |
|---|---|---|---|
|
e0da502c59 | ||
|
|
7ac8d9748f |
3 changed files with 15 additions and 0 deletions
|
|
@ -3,6 +3,7 @@ services:
|
||||||
lldap:
|
lldap:
|
||||||
image: lldap/lldap:${LLDAP_VERSION:-stable}
|
image: lldap/lldap:${LLDAP_VERSION:-stable}
|
||||||
container_name: lldap
|
container_name: lldap
|
||||||
|
restart: always
|
||||||
volumes:
|
volumes:
|
||||||
- "lldap_data:/data"
|
- "lldap_data:/data"
|
||||||
- "./secrets:/secrets:ro"
|
- "./secrets:/secrets:ro"
|
||||||
|
|
|
||||||
|
|
@ -4,6 +4,11 @@
|
||||||
update_cache: true
|
update_cache: true
|
||||||
cache_valid_time: 3600
|
cache_valid_time: 3600
|
||||||
|
|
||||||
|
- name: Detect if system is Proxmox (by checking /etc/pve)
|
||||||
|
stat:
|
||||||
|
path: /etc/pve
|
||||||
|
register: pve_check
|
||||||
|
|
||||||
- name: OpenSSH Server installieren
|
- name: OpenSSH Server installieren
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name: openssh-server
|
name: openssh-server
|
||||||
|
|
@ -39,3 +44,5 @@
|
||||||
group: root
|
group: root
|
||||||
mode: '0644'
|
mode: '0644'
|
||||||
notify: Restart SSH
|
notify: Restart SSH
|
||||||
|
vars:
|
||||||
|
is_proxmox: "{{ pve_check.stat.exists }}"
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,14 @@
|
||||||
# OpenSSH server configuration (managed by Ansible)
|
# OpenSSH server configuration (managed by Ansible)
|
||||||
Port {{ ssh_port }}
|
Port {{ ssh_port }}
|
||||||
Protocol 2
|
Protocol 2
|
||||||
|
|
||||||
|
{% if is_proxmox %}
|
||||||
|
PermitRootLogin prohibit-password
|
||||||
|
AcceptEnv LANG LC_*
|
||||||
|
{% else %}
|
||||||
PermitRootLogin no
|
PermitRootLogin no
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
PasswordAuthentication no
|
PasswordAuthentication no
|
||||||
ChallengeResponseAuthentication no
|
ChallengeResponseAuthentication no
|
||||||
UsePAM yes
|
UsePAM yes
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue