Skip to content
This repository was archived by the owner on Dec 26, 2020. It is now read-only.

Simplify crypto.yml checks with blocks #256

Closed
rndmh3ro opened this issue Nov 21, 2019 · 1 comment
Closed

Simplify crypto.yml checks with blocks #256

rndmh3ro opened this issue Nov 21, 2019 · 1 comment
Labels
help wanted

Comments

@rndmh3ro
Copy link
Member

Is your feature request related to a problem? Please describe.
Right now there's much duplicated code in the crypto.yaml task-file.

Describe the solution you'd like

We should use blocks

- name: block
  block:
    - name: set hostkeys according to openssh-version
      set_fact:
        ssh_host_key_files: ['/etc/ssh/ssh_host_rsa_key', '/etc/ssh/ssh_host_ecdsa_key', '/etc/ssh/ssh_host_ed25519_key']

    - name: set macs according to openssh-version if openssh >= 7.6
      set_fact:
        ssh_macs: '{{ ssh_macs_76_default }}'

    - name: set ciphers according to openssh-version if openssh >= 6.6
      set_fact:
        ssh_ciphers: '{{ ssh_ciphers_66_default }}'

  when: sshd_version.stdout is version('6.3', '>=') and not ssh_host_key_files
@rndmh3ro rndmh3ro changed the title SImplify crypto.yml checks Simplify crypto.yml checks with blocks Nov 21, 2019
@schurzi schurzi mentioned this issue Jul 8, 2020
Merged
@rndmh3ro
Copy link
Member Author

rndmh3ro commented Jul 9, 2020

Fixed by #305, thanks @schurzi!

@rndmh3ro rndmh3ro closed this as completed Jul 9, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rndmh3ro