From ec0f975ce3d7b1ea8ce677e576503eaba2632837 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Tue, 6 Feb 2024 10:09:06 +0100
Subject: [PATCH] EL7 main service file requires mandatory environment file

note, that this is not the case for the instantiated, which is in sync
with everything else.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
---
 templates/sshd.service.j2 | 2 +-
 vars/RedHat_7.yml         | 1 +
 vars/main.yml             | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/templates/sshd.service.j2 b/templates/sshd.service.j2
index ec6da4e0..73e9384b 100644
--- a/templates/sshd.service.j2
+++ b/templates/sshd.service.j2
@@ -13,7 +13,7 @@ Documentation=man:sshd(8) man:sshd_config(5)
 [Service]
 Type=notify
 {% if __sshd_environment_file is string %}
-EnvironmentFile=-{{ __sshd_environment_file }}
+EnvironmentFile={{ __sshd_environment_file_mandatory | ternary('', '-')}}{{ __sshd_environment_file }}
 {% elif __sshd_environment_file is iterable %}
 {%   for file in __sshd_environment_file %}
 EnvironmentFile=-{{ file }}
diff --git a/vars/RedHat_7.yml b/vars/RedHat_7.yml
index 061993c6..98b745b9 100644
--- a/vars/RedHat_7.yml
+++ b/vars/RedHat_7.yml
@@ -33,6 +33,7 @@ __sshd_hostkeys_nofips:
   - /etc/ssh/ssh_host_ed25519_key
 
 __sshd_environment_file: /etc/sysconfig/sshd
+__sshd_environment_file_mandatory: true
 __sshd_environment_variable: $OPTIONS
 __sshd_service_after: sshd-keygen.service
 __sshd_service_wants: sshd-keygen.service
diff --git a/vars/main.yml b/vars/main.yml
index 3dbfcca4..792e84f8 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -67,6 +67,7 @@ __sshd_supports_validate: true
 
 # The path to an environment file for the SSHD service
 __sshd_environment_file: ~
+__sshd_environment_file_mandatory: false
 
 # The variable name we are passing from the environment file as an argument to the sshd
 __sshd_environment_variable: $OPTIONS