initial commit
This commit is contained in:
commit
4a1aca4621
|
@ -0,0 +1,5 @@
|
||||||
|
{
|
||||||
|
"files.associations": {
|
||||||
|
"*.yml": "ansible"
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,3 @@
|
||||||
|
ssh_port: "22"
|
||||||
|
ssh_password_authentication: "no"
|
||||||
|
ssh_permit_root_login: "no"
|
|
@ -0,0 +1,4 @@
|
||||||
|
- name: restart sshd
|
||||||
|
ansible.builtin.service:
|
||||||
|
name: "{{ ssh_service }}"
|
||||||
|
state: restarted
|
|
@ -0,0 +1 @@
|
||||||
|
dependencies: []
|
|
@ -0,0 +1,13 @@
|
||||||
|
- name: Ensure package is installed.
|
||||||
|
ansible.builtin.package:
|
||||||
|
name: openssh
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- set_fact:
|
||||||
|
ssh_service: sshd
|
||||||
|
|
||||||
|
- name: Enable service.
|
||||||
|
ansible.builtin.service:
|
||||||
|
name: "{{ ssh_service }}"
|
||||||
|
enabled: true
|
||||||
|
state: started
|
|
@ -0,0 +1,13 @@
|
||||||
|
- name: Ensure package is installed.
|
||||||
|
ansible.builtin.package:
|
||||||
|
name: ssh
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- set_fact:
|
||||||
|
ssh_service: sshd
|
||||||
|
|
||||||
|
- name: Enable service.
|
||||||
|
ansible.builtin.service:
|
||||||
|
name: "{{ ssh_service }}"
|
||||||
|
enabled: true
|
||||||
|
state: started
|
|
@ -0,0 +1,13 @@
|
||||||
|
- name: Ensure package is installed.
|
||||||
|
ansible.builtin.package:
|
||||||
|
name: ssh
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- set_fact:
|
||||||
|
ssh_service: sshd
|
||||||
|
|
||||||
|
- name: Enable service.
|
||||||
|
ansible.builtin.service:
|
||||||
|
name: "{{ ssh_service }}"
|
||||||
|
enabled: true
|
||||||
|
state: started
|
|
@ -0,0 +1,17 @@
|
||||||
|
- ansible.builtin.include_tasks: "{{ ansible_lsb['id'] }}.yml"
|
||||||
|
|
||||||
|
- name: Ensure sshd_config is setup.
|
||||||
|
ansible.builtin.lineinfile:
|
||||||
|
path: /etc/ssh/sshd_config
|
||||||
|
regexp: "{{ item.regexp }}"
|
||||||
|
line: "{{ item.line }}"
|
||||||
|
validate: "/usr/sbin/sshd -T -f %s"
|
||||||
|
with_items:
|
||||||
|
- regexp: "^#?PasswordAuthentication"
|
||||||
|
line: "PasswordAuthentication {{ ssh_password_authentication }}"
|
||||||
|
- regexp: "^#?PermitRootLogin"
|
||||||
|
line: "PermitRootLogin {{ ssh_permit_root_login }}"
|
||||||
|
- regexp: "^#?Port"
|
||||||
|
line: "Port {{ ssh_port }}"
|
||||||
|
notify:
|
||||||
|
- restart sshd
|
Loading…
Reference in New Issue