ssh: add docs

author: Stonewall Jackson <stonewall@sacredheartsc.com> 2023-02-20 12:52:08 -0500
committer: Stonewall Jackson <stonewall@sacredheartsc.com> 2023-02-20 12:52:08 -0500
commit: 51554a734c481dad6bdc6515c5683a4a18f903b9 (patch)
tree: c8234fbc2be91dd09648329dfb76ad4666031e3f /roles/ssh/README.md
parent: 2b686cdb9e363c7c2747ca250ab9bfdc1354ed37 (diff)
download: selfhosted-51554a734c481dad6bdc6515c5683a4a18f903b9.tar.gz
selfhosted-51554a734c481dad6bdc6515c5683a4a18f903b9.zip
1 files changed, 34 insertions, 0 deletions
diff --git a/roles/ssh/README.md b/roles/ssh/README.md
new file mode 100644
index 0000000..1975b0b
--- /dev/null
+++ b/roles/ssh/README.md
@@ -0,0 +1,34 @@
+SSH
+===
+
+Description
+-----------
+
+The `ssh` role configures SSH clients to use GSSAPI authentication for hosts
+within the local FreeIPA domain.
+
+
+Variables
+---------
+
+This role **accepts** the following variables:
+
+Variable                | Default                    | Description
+------------------------|----------------------------|------------
+`ssh_canonical_domains` | `['{{ ansible_domain }}']` | Host domains to canonicalize for Kerberos/GSSAPI 
+
+
+Usage
+-----
+
+Example playbook:
+
+````yaml
+- name: configure kerberized ssh
+  hosts: all
+  roles:
+    - role: ssh
+      vars:
+        ssh_canonical_domains:
+          - ipa.example.com
+````
author	Stonewall Jackson <stonewall@sacredheartsc.com>	2023-02-20 12:52:08 -0500
committer	Stonewall Jackson <stonewall@sacredheartsc.com>	2023-02-20 12:52:08 -0500
commit	51554a734c481dad6bdc6515c5683a4a18f903b9 (patch)
tree	c8234fbc2be91dd09648329dfb76ad4666031e3f /roles/ssh/README.md
parent	2b686cdb9e363c7c2747ca250ab9bfdc1354ed37 (diff)
download	selfhosted-51554a734c481dad6bdc6515c5683a4a18f903b9.tar.gz selfhosted-51554a734c481dad6bdc6515c5683a4a18f903b9.zip