Tips-Of-Mine/infrastructure
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Correctly check hostname against PVE hosts

Browse Source 
Some of the hostnames have `-` in instead, which caused issues with the SSH config detecting which users to allow
This commit is contained in:
Jake Howard
2021-08-23 19:56:04 +01:00
parent ecb946bab4
commit edc5c325b7
8 changed files with 14 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ansible/roles/base/files/sshd_config
View File

@ -2,7 +2,7 @@
# Change to a high/odd port if this server is exposed to the internet directly
Port {{ ssh_port }}
AllowUsers {% if ansible_hostname in pve_hosts %}{{ user }}@{{ pve_hosts.internal_cidr }}{% endif %} {% if ansible_hostname in nebula.clients %}{{ user }}@{{ nebula.cidr }}{% endif %} {{ ssh_extra_allowed_users }}
AllowUsers {% if hostname_slug in pve_hosts %}{{ user }}@{{ pve_hosts.internal_cidr }}{% endif %} {% if hostname_slug in nebula.clients %}{{ user }}@{{ nebula.cidr }}{% endif %} {{ ssh_extra_allowed_users }}
# Bind to all interfaces (change to specific interface if needed)
ListenAddress 0.0.0.0