qusal/salt/sys-ssh/install.sls
Ben Grande 44ea4c5db2
feat: add manual page reader
Ability to read the program's manual from the terminal is much better
than to ask the user to search the manual page on the internet, we
already trust the installed program and documentation, but we should not
trust every manual page on the internet.
2024-05-28 11:00:04 +02:00

56 lines
1.2 KiB
Plaintext

{#
SPDX-FileCopyrightText: 2022 unman <unman@thirdeyesecurity.org>
SPDX-FileCopyrightText: 2023 - 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
SPDX-License-Identifier: AGPL-3.0-or-later
#}
{% if grains['nodename'] != 'dom0' -%}
include:
- utils.tools.common.update
"{{ slsdotpath }}-installed":
pkg.installed:
- require:
- sls: utils.tools.common.update
- install_recommends: False
- skip_suggestions: True
- pkgs:
- openssh-server
- socat
- man-db
"{{ slsdotpath }}-stop-ssh":
service.dead:
- name: ssh
"{{ slsdotpath }}-disable-ssh":
service.disabled:
- name: ssh
"{{ slsdotpath }}-mask-ssh":
service.masked:
- name: ssh
"{{ slsdotpath }}-set-rpc-services":
file.recurse:
- name: /etc/qubes-rpc/
- source: salt://{{ slsdotpath }}/files/server/rpc/
- dir_mode: '0755'
- file_mode: '0755'
- user: root
- group: root
- makedirs: True
"{{ slsdotpath }}-sshd-config":
file.managed:
- name: /etc/ssh/sshd_config.d/{{ slsdotpath }}.conf
- source: salt://{{ slsdotpath }}/files/server/sshd_config.d/{{ slsdotpath }}.conf
- mode: '0755'
- user: root
- group: root
- makedirs: True
{% endif -%}