- ansible.builtin.include_tasks: "{{ ansible_lsb['id'] }}.yml"

- name: Enable service.
  ansible.builtin.service:
    name: sshd
    enabled: true
    state: started

- name: Ensure sshd_config is setup.
  ansible.builtin.lineinfile:
    path: /etc/ssh/sshd_config
    regexp: "{{ item.regexp }}"
    line: "{{ item.line }}"
    validate: "/usr/sbin/sshd -T -f %s"
  with_items:
    - regexp: "^#?PasswordAuthentication"
      line: "PasswordAuthentication {{ ssh_password_authentication }}"
    - regexp: "^#?PermitRootLogin"
      line: "PermitRootLogin {{ ssh_permit_root_login }}"
    - regexp: "^#?Port"
      line: "Port {{ ssh_port }}"
  notify:
    - restart sshd