Skip to content
This repository was archived by the owner on Dec 26, 2020. It is now read-only.

Simplify crypto.yml checks with blocks #256

Closed
rndmh3ro opened this issue Nov 21, 2019 · 1 comment
Closed

Simplify crypto.yml checks with blocks #256

rndmh3ro opened this issue Nov 21, 2019 · 1 comment
Labels
help wanted

Comments

@rndmh3ro
Copy link
Member

Is your feature request related to a problem? Please describe.
Right now there's much duplicated code in the crypto.yaml task-file.

Describe the solution you'd like

We should use blocks

- name: block
  block:
    - name: set hostkeys according to openssh-version
      set_fact:
        ssh_host_key_files: ['/etc/ssh/ssh_host_rsa_key', '/etc/ssh/ssh_host_ecdsa_key', '/etc/ssh/ssh_host_ed25519_key']

    - name: set macs according to openssh-version if openssh >= 7.6
      set_fact:
        ssh_macs: '{{ ssh_macs_76_default }}'

    - name: set ciphers according to openssh-version if openssh >= 6.6
      set_fact:
        ssh_ciphers: '{{ ssh_ciphers_66_default }}'

  when: sshd_version.stdout is version('6.3', '>=') and not ssh_host_key_files
@rndmh3ro rndmh3ro changed the title SImplify crypto.yml checks Simplify crypto.yml checks with blocks Nov 21, 2019
@schurzi schurzi mentioned this issue Jul 8, 2020
Merged
@rndmh3ro
Copy link
Member Author

rndmh3ro commented Jul 9, 2020

Fixed by #305, thanks @schurzi!

@rndmh3ro rndmh3ro closed this as completed Jul 9, 2020
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Assignees
No one assigned
Labels
help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rndmh3ro