Mercurial > code > home > repos > infra

view ssh.py @ 289:65e28d2e0cd8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
move static templates to files/ ; use inventory tags for selecting hosts+features ; other refactors
author drewp@bigasterisk.com
date Sun, 21 Apr 2024 17:07:23 -0700
parents 4e424a144183
children 5b88b38f2471
line wrap: on
line source

from pyinfra import host
from pyinfra.facts.server import LinuxDistribution
from pyinfra.operations import files, systemd


systemd.service(
    service='ssh',
    running=True,
    enabled=True,
)

files.line(path='/etc/ssh/ssh_config', line="HashKnownHosts", replace="HashKnownHosts no")

if 'pi' not in host.groups:
    files.line(path='/etc/ssh/sshd_config', line="^UseDNS\b", replace="UseDNS no")
    # MAYBE plus needs this fix: adding ListenAddress 0.0.0.0 to /etc/ssh/sshd_config
    systemd.service(service='sshd', reloaded=True)