Merge pull request #222 from dev-sec/fix_221

rndmh3ro · web-flow · commit 7457337c4afc · 2019-05-07T22:02:23.000+02:00
fix indentation for matches
diff --git a/.travis.yml b/.travis.yml
@@ -55,8 +55,8 @@ script:
   - 'docker run --detach --volume="${PWD}":/etc/ansible/roles/ansible-ssh-hardening:ro ${run_opts} rndmh3ro/docker-${distro}-ansible:${version} "${init}" > "${container_id}"'
 
   # Test role.
-  - 'docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/ansible-ssh-hardening/tests/default_custom.yml'
-  - 'docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/ansible-ssh-hardening/tests/default.yml'
+  - 'docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/ansible-ssh-hardening/tests/default_custom.yml --diff'
+  - 'docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/ansible-ssh-hardening/tests/default.yml --diff'
 
   # Verify role
   # remove the UseLogin-check, see here for reasons: https://github.com/dev-sec/ansible-ssh-hardening/pull/141
diff --git a/templates/opensshd.conf.j2 b/templates/opensshd.conf.j2
@@ -244,7 +244,7 @@ Subsystem sftp internal-sftp -l INFO -f LOCAL6
 # These lines must appear at the *end* of sshd_config
 Match Group sftponly
     ForceCommand internal-sftp -l INFO -f LOCAL6
-{% if sftp_chroot -%}
+{% if sftp_chroot %}
     ChrootDirectory {{ sftp_chroot_dir }}
 {% endif %}
     AllowTcpForwarding no
@@ -260,7 +260,7 @@ Match Group sftponly
 
 {% for item in ssh_server_match_group -%}
 Match Group {{ item.group }}
-  {% for rule in item.rules -%}
+  {% for rule in item.rules %}
     {{ rule | indent(4) }}
   {% endfor %}
 {% endfor %}
@@ -272,7 +272,7 @@ Match Group {{ item.group }}
 
 {% for item in ssh_server_match_user -%}
 Match User {{ item.user }}
-  {% for rule in item.rules -%}
+  {% for rule in item.rules %}
     {{ rule | indent(4) }}
   {% endfor %}
 {% endfor %}
