release 0.5.1

galaxy.yml

@@ -2,7 +2,7 @@
 
 namespace: uumas
 name: general
-version: 0.5.0
+version: 0.5.1
 readme: README.md
 authors:
   - uumas

roles/packages/tasks/apt.yml

@@ -0,0 +1,23 @@
+---
+
+- name: Ensure packages defined in install_packages are installed
+  apt:
+    name: "{{ install_packages }}"
+    state: present
+    update_cache: yes
+
+- block:
+
+  - name: Enable backports
+    apt_repository:
+      repo: "deb http://deb.debian.org/debian {{ ansible_distribution_release }}-backports main"
+      filename: backports
+
+  - name: Install backports packages
+    apt:
+      name: "{{ backports_packages }}"
+      state: present
+      default_release: "{{ ansible_distribution_release }}-backports"
+
+  when: backports_packages is defined
+

roles/packages/tasks/main.yml

@@ -1,28 +1,15 @@
 ---
 
-- name: Install packages
+- name: Include tasks for apt as package manager
-  apt:
+  include_tasks: apt.yml
-    name: "{{ install_packages }}"
+  when: ansible_pkg_mgr == 'apt'
-    state: present
-    update_cache: yes
 
-- block:
+- name: Include tasks for other package manager
+  include_tasks: other.yml
+  when: ansible_pkg_mgr != 'apt'
 
-  - name: Enable backports
+- name: Ensure packages defined in delete_packages not installed
-    apt_repository:
+  package:
-      repo: "deb http://deb.debian.org/debian {{ ansible_distribution_release }}-backports main"
-      filename: backports
-
-  - name: Install backports packages
-    apt:
-      name: "{{ backports_packages }}"
-      state: present
-      default_release: "{{ ansible_distribution_release }}-backports"
-
-  when: backports_packages is defined
-
-- name: Delete packages
-  apt:
     name: "{{ delete_packages }}"
     state: absent
   when: delete_packages is defined

roles/packages/tasks/other.yml

@@ -0,0 +1,7 @@
+---
+
+- name: Ensure packages defined in install_packages are installed
+  package:
+    name: "{{ install_packages }}"
+    state: present
+

roles/ssh/defaults/main.yml

@@ -0,0 +1,4 @@
+---
+
+sshd_x11_forwarding: false
+sshd_password_auth: false

roles/ssh/tasks/main.yml

@@ -1,28 +1,15 @@
 ---
 
-- name: Disable SSH root login without password
+- name: Ensure sshd config options set correctly
   lineinfile:
     path: /etc/ssh/sshd_config
-    regexp: '^#?PermitRootLogin .*$'
+    regexp: "^#?{{ item.key }} .*$"
-    line: "PermitRootLogin prohibit-password"
+    line: "{{ item.key }} {{ item.value }}"
     state: present
     validate: '/usr/sbin/sshd -t -f %s'
   notify: restart ssh
+  with_dict:
+    PermitRootLogin: 'prohibit-password'
+    PasswordAuthentication: "{{ 'yes' if sshd_password_auth else 'no' }}"
+    X11Forwarding: "{{ 'yes' if sshd_x11_forwarding else 'no' }}"
 
-- name: Disable PasswordAuthentication
-  lineinfile:
-    path: /etc/ssh/sshd_config
-    regexp: '^#PasswordAuthentication .*$'
-    line: "PasswordAuthentication no"
-    state: present
-    validate: '/usr/sbin/sshd -t -f %s'
-  notify: restart ssh
-
-- name: Disable X11 forwarding
-  lineinfile:
-    path: /etc/ssh/sshd_config
-    regexp: '^#?X11Forwarding .*$'
-    line: "X11Forwarding no"
-    state: present
-    validate: '/usr/sbin/sshd -t -f %s'
-  notify: restart ssh