sshd: remove support for custom ssh.d directory

The same drop-in functionality is now provided by the openssh package
via /etc/ssh/sshd_config.d/.

host_vars/aur.archlinux.org/misc

@@ -5,6 +5,5 @@ fail2ban_jails:
   dovecot: false
   nginx_limit_req: true
 memcached_socket: "/run/memcached/aurweb.sock"
-sshd_enable_includes: true
 wireguard_address: 10.0.0.2
 wireguard_public_key: TPLeGQ7qU6ZNtcgDbEV0SSYScvK+XS5igcPdGSXo6UA=

playbooks/tasks/install_arch.yml

@@ -8,4 +8,3 @@
     - install_arch
   vars:
     - bootstrap_version: "latest"
-    - sshd_enable_includes: false

roles/aurweb/tasks/main.yml

@@ -317,7 +317,7 @@
   become_user: "{{ aurweb_user }}"
 
 - name: Configure sshd
-  template: src=aurweb_config.j2 dest={{ sshd_includes_dir }}/aurweb_config owner=root group=root mode=0600 validate='/usr/sbin/sshd -t -f %s'
+  template: src=aurweb_config.j2 dest=/etc/ssh/sshd_config.d/aurweb.conf owner=root group=root mode=0600 validate='/usr/sbin/sshd -t -f %s'
   notify:
     - Restart sshd
 

roles/sshd/defaults/main.yml

-sshd_includes_dir: '/etc/ssh/ssh.d'
-sshd_enable_includes: false

roles/sshd/tasks/main.yml

@@ -9,10 +9,6 @@
 - name: Install motd
   template: src=motd.j2 dest=/etc/motd owner=root group=root mode=0644
 
-- name: Create the includes dir
-  file: path="{{ sshd_includes_dir }}" state=directory mode=0755
-  when: sshd_enable_includes
-
 - name: Start and enable sshd
   service: name=sshd enabled=yes state=started
 

roles/sshd/templates/sshd_config.j2

@@ -117,10 +117,6 @@ Subsystem	sftp	/usr/lib/ssh/sftp-server
 # unlink forwarded sockets; for gpg agent forwarding
 StreamLocalBindUnlink yes
 
-{% if sshd_enable_includes %}
-Include {{ sshd_includes_dir }}/*
-{% endif -%}
-
 # Example of overriding settings on a per-user basis
 #Match User anoncvs
 #	X11Forwarding no