From ba190fb5092cfec9527312c58545e5205e304115 Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Tue, 7 May 2019 21:42:13 +0200 Subject: [PATCH 1/3] fix indentation for matches Signed-off-by: Sebastian Gumprich --- templates/opensshd.conf.j2 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/templates/opensshd.conf.j2 b/templates/opensshd.conf.j2 index ccda849..03bc00a 100644 --- a/templates/opensshd.conf.j2 +++ b/templates/opensshd.conf.j2 @@ -244,7 +244,7 @@ Subsystem sftp internal-sftp -l INFO -f LOCAL6 # These lines must appear at the *end* of sshd_config Match Group sftponly ForceCommand internal-sftp -l INFO -f LOCAL6 -{% if sftp_chroot -%} +{% if sftp_chroot %} ChrootDirectory {{ sftp_chroot_dir }} {% endif %} AllowTcpForwarding no @@ -260,7 +260,7 @@ Match Group sftponly {% for item in ssh_server_match_group -%} Match Group {{ item.group }} - {% for rule in item.rules -%} + {% for rule in item.rules %} {{ rule | indent(4) }} {% endfor %} {% endfor %} @@ -272,7 +272,7 @@ Match Group {{ item.group }} {% for item in ssh_server_match_user -%} Match User {{ item.user }} - {% for rule in item.rules -%} + {% for rule in item.rules %} {{ rule | indent(4) }} {% endfor %} {% endfor %} From e8f58de1838c09f600b01d64f83713b7c39649ed Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Tue, 7 May 2019 21:48:51 +0200 Subject: [PATCH 2/3] add diff to travis run Signed-off-by: Sebastian Gumprich --- .travis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 385cb35..572d986 100644 --- a/.travis.yml +++ b/.travis.yml 
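Review bot: In the second and third hunks, the first line of each rule now takes its indent only from the literal whitespace in front of `{{ rule | indent(4) }}`, because Jinja's `indent` filter by default pads continuation lines and leaves the first line alone. The literal indent should match the filter's width so that multi-line rules line up under their `Match` line. The template's original spacing is not visible in this view, so check the widths against a rendered file. sshd ignores leading whitespace, so what matters for the hardening is that each rule still lands on its own line inside the intended `Match` block. A short template comment above each loop would stop a later edit from re-adding the dash, for example `{# keep the tag below without "-": it would strip the indent in front of the first rule #}`; the same applies to `{% if sftp_chroot %}` in the first hunk.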
@@ -55,8 +55,8 @@ script: - 'docker run --detach --volume="${PWD}":/etc/ansible/roles/ansible-ssh-hardening:ro ${run_opts} rndmh3ro/docker-${distro}-ansible:${version} "${init}" > "${container_id}"' # Test role. - - 'docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/ansible-ssh-hardening/tests/default_custom.yml' - - 'docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/ansible-ssh-hardening/tests/default.yml' + - 'docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/ansible-ssh-hardening/tests/default_custom.yml --diff' + - 'docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/ansible-ssh-hardening/tests/default.yml -diff' # Verify role # remove the UseLogin-check, see here for reasons: https://github.com/dev-sec/ansible-ssh-hardening/pull/141 From c592fd61db43f11a974e5bc0701334bfaebb6f23 Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Tue, 7 May 2019 21:52:54 +0200 Subject: [PATCH 3/3] add diff to travis run Signed-off-by: Sebastian Gumprich --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 572d986..a64dc8a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -56,7 +56,7 @@ script: # Test role. - 'docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/ansible-ssh-hardening/tests/default_custom.yml --diff' - - 'docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/ansible-ssh-hardening/tests/default.yml -diff' + - 'docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/ansible-ssh-hardening/tests/default.yml --diff' # Verify role # remove the UseLogin-check, see here for reasons: https://github.com/dev-sec/ansible-ssh-hardening/pull/141
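Review bot: With `--diff` on both `ansible-playbook` lines, the before/after content of every file the role changes is written to the build log. If that log is public, any task that touches key material or other secrets should carry `diff: false` or `no_log: true` before this is enabled. For the rendered `sshd_config` the output is useful to read, but it is only printed; nothing in this hunk asserts on it. Separately, patch 2/3 leaves `-diff` on the `default.yml` line and only 3/3 corrects it, so squashing the two would keep every commit's CI run valid.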