minor sshd role refactoring

1 files changed, 15 insertions, 15 deletions

diff --git a/roles/core/sshd/base/tasks/main.yml b/roles/core/sshd/base/tasks/main.yml
index 15ae6032..9793d831 100644
--- a/roles/core/sshd/base/tasks/main.yml
+++ b/roles/core/sshd/base/tasks/main.yml
@@ -7,6 +7,21 @@
     - "{{ ansible_os_family }}.yml"
   include_vars: "{{ item }}"
 
+- name: install config barriers for other roles to use
+  loop:
+  - line: "### ansible core/sshd/base config barrier ###"
+    insertbefore: "### ansible core/sshd config barrier ###"
+  - line: "### ansible core/sshd config barrier ###"
+    insertafter: "### ansible core/sshd/base config barrier ###"
+  loop_control:
+    label: "{{ item.line }}"
+  lineinfile:
+    dest: /etc/ssh/sshd_config
+    line: "{{ item.line }}"
+    insertbefore: "{{ item.insertbefore | default(omit) }}"
+    insertafter: "{{ item.insertafter | default(omit) }}"
+  notify: restart ssh
+
 - name: hardening ssh-server config
   vars:
     sshd_options:
@@ -68,21 +83,6 @@
     state: absent
   notify: restart ssh
 
-- name: install config barriers for other roles to use
-  loop:
-  - line: "### ansible core/sshd/base config barrier ###"
-    insertbefore: "### ansible core/sshd config barrier ###"
-  - line: "### ansible core/sshd config barrier ###"
-    insertafter: "### ansible core/sshd/base config barrier ###"
-  loop_control:
-    label: "{{ item.line }}"
-  lineinfile:
-    dest: /etc/ssh/sshd_config
-    line: "{{ item.line }}"
-    insertbefore: "{{ item.insertbefore | default(omit) }}"
-    insertafter: "{{ item.insertafter | default(omit) }}"
-  notify: restart ssh
-
 - name: install ssh keys for root
   authorized_key:
     user: root