Mercurial > code > home > repos > infra
comparison ssh.py @ 289:65e28d2e0cd8
move static templates to files/ ; use inventory tags for selecting hosts+features ; other refactors
| author | drewp@bigasterisk.com |
|---|---|
| date | Sun, 21 Apr 2024 17:07:23 -0700 |
| parents | 4e424a144183 |
| children | 5b88b38f2471 |
comparison
equal
deleted
inserted
replaced
| 288:3af02e24eaf9 | 289:65e28d2e0cd8 |
|---|---|
| 1 from pyinfra import host | 1 from pyinfra import host |
| 2 from pyinfra.facts.server import LinuxDistribution | 2 from pyinfra.facts.server import LinuxDistribution |
| 3 from pyinfra.operations import files, systemd | 3 from pyinfra.operations import files, systemd |
| 4 | 4 |
| 5 is_pi = host.get_fact(LinuxDistribution)['name'] in ['Debian', 'Raspbian GNU/Linux'] | |
| 6 | 5 |
| 7 systemd.service( | 6 systemd.service( |
| 8 service='ssh', | 7 service='ssh', |
| 9 running=True, | 8 running=True, |
| 10 enabled=True, | 9 enabled=True, |
| 11 ) | 10 ) |
| 12 | 11 |
| 13 files.line(path='/etc/ssh/ssh_config', line="HashKnownHosts", replace="HashKnownHosts no") | 12 files.line(path='/etc/ssh/ssh_config', line="HashKnownHosts", replace="HashKnownHosts no") |
| 14 | 13 |
| 15 if not is_pi: | 14 if 'pi' not in host.groups: |
| 16 files.line(path='/etc/ssh/sshd_config', line="^UseDNS\b", replace="UseDNS no") | 15 files.line(path='/etc/ssh/sshd_config', line="^UseDNS\b", replace="UseDNS no") |
| 17 # MAYBE plus needs this fix: adding ListenAddress 0.0.0.0 to /etc/ssh/sshd_config | 16 # MAYBE plus needs this fix: adding ListenAddress 0.0.0.0 to /etc/ssh/sshd_config |
| 18 systemd.service(service='sshd', reloaded=True) | 17 systemd.service(service='sshd', reloaded=True) |