24 changes: 15 additions & 9 deletions .dev-tools/10_top.j2
@@ -1,7 +1,7 @@
{{ ansible_managed | comment }}
{{ "system_role:ssh" | comment(prefix="", postfix="") }}
{% macro render_option(key, value, indent=false) %}
{% if value is defined %}
{% if value is defined and value is not none %}
{% if value is sameas true %}
{% if indent %} {% endif %}
{{ key }} yes
@@ -13,22 +13,28 @@
{{ key }} {{ value | string }}
{% else %}
{% for i in value %}
{% if indent %} {% endif %}
{% if i is none %}
{{- '' -}}
{% else %}
{% if indent %} {% endif %}
{{ key }} {{ i | string }}
{% endif %}
{% endfor %}
{% endif %}
{% else %}
{{- '' -}}
{% endif %}
{% endmacro %}
{% macro body_option(key, override) %}
{% set value = undefined %}
{% if override is defined %}
{% set value = override %}
{% elif ssh[key] is defined %}
{% set value = ssh[key] %}
{% if override is defined and override is not none %}
{{ render_option(key, override) -}}
{% elif ssh[key] is defined and ssh[key] is not none %}
{{ render_option(key, ssh[key]) -}}
{% elif __ssh_defaults[key] is defined and not __ssh_skip_defaults | trim | bool %}
{% set value = __ssh_defaults[key] %}
{{ render_option(key, __ssh_defaults[key]) -}}
{% else %}
{{- '' -}}
{% endif %}
{{ render_option(key, value) -}}
{% endmacro %}
{% macro match_block(match_list) %}
{% if match_list["Condition"] is defined %}
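Review bot: In `body_option`, the new `is not none` guards on `override` and `ssh[key]` mean an explicit null no longer ends the lookup; it falls through to the next source, and finally to `__ssh_defaults[key]` unless `__ssh_skip_defaults` is true. That is a reasonable reading of null, but it is undocumented, and an operator who sets an option to null expecting it to be left out of the rendered ssh_config will still get the role default. I would add a comment above the macro, `{# none means "unset": fall through to ssh[key], then to the role default; use ssh_skip_defaults to suppress defaults #}`, and state the same in the variable documentation. The identical section in templates/ssh_config.j2 needs the same comment. The +/- markers are lost on this page, so which lines are new is inferred from the doubled lines.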
78 changes: 22 additions & 56 deletions tasks/main.yml
@@ -58,61 +58,27 @@
owner: "{{ __ssh_config_owner | trim }}"
group: "{{ __ssh_config_group | trim }}"
mode: "{{ __ssh_config_mode | trim }}"
validate: >-
{% if __ssh_supports_validate %}
ssh -G -F %s example.com
{% else %}
true %s
{% endif %}
validate: "{{ __ssh_supports_validate | ternary('ssh -G -F %s example.com', 'true %s') }}"
backup: "{{ ssh_backup }}"
vars:
__ssh_skip_defaults: >-
{% if ssh_skip_defaults != 'auto' %}
{{ ssh_skip_defaults }}
{% elif ssh_user is not none %}
true
{% else %}
{% if ssh_drop_in_name is not none and __ssh_supports_drop_in %}
true
{% else %}
false
{% endif %}
{% endif %}
__ssh_config_file: >-
{% if ssh_config_file is not none %}
{{ ssh_config_file }}
{% elif ssh_user is not none and
ansible_facts['getent_passwd'] is defined %}
{{ ansible_facts['getent_passwd'][ssh_user][4] }}/.ssh/config
{% else %}
{% if ssh_drop_in_name is not none and __ssh_supports_drop_in %}
{{ __ssh_drop_in_template | replace("{name}", ssh_drop_in_name) }}
{% else %}
/etc/ssh/ssh_config
{% endif %}
{% endif %}
__ssh_config_owner: >-
{% if ssh_config_owner is not none %}
{{ ssh_config_owner }}
{% elif ssh_user is not none %}
{{ ssh_user }}
{% else %}
root
{% endif %}
__ssh_config_group: >-
{% if ssh_config_group is not none %}
{{ ssh_config_group }}
{% elif ssh_user is not none and
ansible_facts['getent_passwd'] is defined %}
{{ ssh_user }}
{% else %}
root
{% endif %}
__ssh_config_mode: >-
{% if ssh_config_mode is not none %}
{{ ssh_config_mode }}
{% elif ssh_user is not none %}
600
{% else %}
644
{% endif %}
__ssh_skip_defaults: "{{ ssh_skip_defaults if ssh_skip_defaults != 'auto'
else (ssh_user is not none) or
(ssh_drop_in_name is not none and __ssh_supports_drop_in) }}"
__ssh_config_file: "{{ ssh_config_file
if ssh_config_file is not none
else
ansible_facts['getent_passwd'][ssh_user][4] ~ '/.ssh/config'
if ssh_user is not none and ansible_facts['getent_passwd'] is defined
else
__ssh_drop_in_template | replace('{name}', ssh_drop_in_name)
if ssh_drop_in_name is not none and __ssh_supports_drop_in
else '/etc/ssh/ssh_config' }}"
__ssh_config_owner: "{{ ssh_config_owner if ssh_config_owner is not none
else ssh_user if ssh_user is not none
else 'root' }}"
__ssh_config_group: "{{ ssh_config_group if ssh_config_group is not none
else ssh_user if ssh_user is not none and ansible_facts['getent_passwd'] is defined
else 'root' }}"
__ssh_config_mode: "{{ ssh_config_mode if ssh_config_mode is not none
else '0600' if ssh_user is not none
Comment on lines +82 to +83

issue (bug_risk): The default mode values are now quoted as strings, which may differ from previous behavior.

Previously, mode values were integers (e.g., 600/644); now they are strings ('0600'/'0644'). Ensure downstream code handles the type change to avoid permission issues.

else '0644' }}"
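Review bot: The rewritten `__ssh_config_owner` and `__ssh_config_mode` expressions switch to the per-user values on `ssh_user is not none` alone, while `__ssh_config_file` and `__ssh_config_group` also require `ansible_facts['getent_passwd'] is defined`. If that fact can be missing while `ssh_user` is set (the task that gathers it is not visible here), the path falls back to the drop-in or `/etc/ssh/ssh_config`, and that system-wide file is written owned by `ssh_user` with mode `'0600'`, which would let that account change client settings for every user and make the file unreadable to others. Either use the same guard on all four, e.g. `else ssh_user if ssh_user is not none and ansible_facts['getent_passwd'] is defined`, or fail early with an assert when `ssh_user` is set and the passwd entry is absent. The same mismatch appears in the block-scalar version shown above it, so the rewrite is a good place to close it.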
24 changes: 15 additions & 9 deletions templates/ssh_config.j2
@@ -1,7 +1,7 @@
{{ ansible_managed | comment }}
{{ "system_role:ssh" | comment(prefix="", postfix="") }}
{% macro render_option(key, value, indent=false) %}
{% if value is defined %}
{% if value is defined and value is not none %}
{% if value is sameas true %}
{% if indent %} {% endif %}
{{ key }} yes
@@ -13,22 +13,28 @@
{{ key }} {{ value | string }}
{% else %}
{% for i in value %}
{% if indent %} {% endif %}
{% if i is none %}
{{- '' -}}
{% else %}
{% if indent %} {% endif %}
{{ key }} {{ i | string }}
{% endif %}
{% endfor %}
{% endif %}
{% else %}
{{- '' -}}
{% endif %}
{% endmacro %}
{% macro body_option(key, override) %}
{% set value = undefined %}
{% if override is defined %}
{% set value = override %}
{% elif ssh[key] is defined %}
{% set value = ssh[key] %}
{% if override is defined and override is not none %}
{{ render_option(key, override) -}}
{% elif ssh[key] is defined and ssh[key] is not none %}
{{ render_option(key, ssh[key]) -}}
{% elif __ssh_defaults[key] is defined and not __ssh_skip_defaults | trim | bool %}
{% set value = __ssh_defaults[key] %}
{{ render_option(key, __ssh_defaults[key]) -}}
{% else %}
{{- '' -}}
{% endif %}
{{ render_option(key, value) -}}
{% endmacro %}
{% macro match_block(match_list) %}
{% if match_list["Condition"] is defined %}
2 changes: 1 addition & 1 deletion tests/tests_backup.yml
@@ -40,7 +40,7 @@
ssh_ForwardX11Trusted: 'yes' # noqa var-naming
register: second_run

- name: Find new backups files
- name: Find new backups files again
ansible.builtin.find:
paths: "{{ main_ssh_config_path }}"
patterns: "{{ main_ssh_config_name }}.*@*~"