From 48a37b3126fffe1cab41193921f1fb4936ac4646 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <dani@LAPIOLE.ORG@build.lapiole.org>
Date: Mon, 13 Dec 2021 22:00:37 +0100
Subject: [PATCH] Update to 2021-12-13 22:00

---
 roles/ssh/tasks/conf.yml    |  4 ++--
 roles/ssh/tasks/facts.yml   |  7 +++++++
 roles/ssh/tasks/install.yml | 14 +-------------
 roles/ssh/vars/Debian.yml   |  5 +++++
 roles/ssh/vars/RedHat.yml   |  5 +++++
 5 files changed, 20 insertions(+), 15 deletions(-)
 create mode 100644 roles/ssh/vars/Debian.yml
 create mode 100644 roles/ssh/vars/RedHat.yml

diff --git a/roles/ssh/tasks/conf.yml b/roles/ssh/tasks/conf.yml
index bb2592a..5743f9f 100644
--- a/roles/ssh/tasks/conf.yml
+++ b/roles/ssh/tasks/conf.yml
@@ -50,7 +50,7 @@
 - name: Create private dir for Authorized keys
   file: path=/etc/ssh/authorized_keys/{{ item.name }} state=directory mode=700 owner={{ item.name }}
   ignore_errors: True # Needed eg, if LDAP isn't available on first run
-  loop: "{{ ssh_users }}"
+  loop: "{{ ssh_users | rejectattr('keys_file', 'defined') | list }}"
   tags: ssh
 
 - name: Deploy ssh user keys
@@ -73,7 +73,7 @@
     owner: "{{ item.name }}"
   when: item.ssh_keys is defined
   ignore_errors: True
-  loop: "{{ ssh_users }}"
+  loop: "{{ ssh_users | rejectattr('keys_file', 'defined') | list }}"
   tags: ssh
 
 - name: Deploy sudo fragment
diff --git a/roles/ssh/tasks/facts.yml b/roles/ssh/tasks/facts.yml
index 155e5ff..3c4b70f 100644
--- a/roles/ssh/tasks/facts.yml
+++ b/roles/ssh/tasks/facts.yml
@@ -1,4 +1,11 @@
 ---
+- include_vars: "{{ item }}"
+  with_first_found:
+    - "{{ role_path }}/vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
+    - "{{ role_path }}/vars/{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml"
+    - "{{ role_path }}/vars/{{ ansible_distribution }}.yml"
+    - "{{ role_path }}/vars/{{ ansible_os_family }}.yml"
+  tags: ssh
 
 - name: Combine SSH users
   set_fact:
diff --git a/roles/ssh/tasks/install.yml b/roles/ssh/tasks/install.yml
index 373d845..0da2f15 100644
--- a/roles/ssh/tasks/install.yml
+++ b/roles/ssh/tasks/install.yml
@@ -1,17 +1,5 @@
 ---
 
 - name: Install ssh components
-  yum:
-    name:
-      - openssh-server
-      - openssh-clients
-  when: ansible_os_family == 'RedHat'
-  tags: ssh
-
-- name: Install ssh components
-  apt:
-    name:
-      - openssh-server
-      - openssh-client
-  when: ansible_os_family == 'Debian'
+  package: name={{ ssh_packages }}
   tags: ssh
diff --git a/roles/ssh/vars/Debian.yml b/roles/ssh/vars/Debian.yml
new file mode 100644
index 0000000..509966b
--- /dev/null
+++ b/roles/ssh/vars/Debian.yml
@@ -0,0 +1,5 @@
+---
+
+ssh_packages:
+  - openssh-server
+  - openssh-client
diff --git a/roles/ssh/vars/RedHat.yml b/roles/ssh/vars/RedHat.yml
new file mode 100644
index 0000000..5cb33ee
--- /dev/null
+++ b/roles/ssh/vars/RedHat.yml
@@ -0,0 +1,5 @@
+---
+
+ssh_packages:
+  - openssh-server
+  - openssh-clients