authorChristian Pointner <equinox@spreadspace.org>2019-06-01 17:52:28 +0200
committerChristian Pointner <equinox@spreadspace.org>2019-06-01 17:52:28 +0200
commit22d4ec550391e5e013e46347a908179b0c769ff3 (patch)
treefdb33ea899b753295e29f433d35cf77f8eee6464 /roles/sshd
parentfix cloud-install role (diff)
parentwith_dict -> loop (diff)
Merge branch 'no-more-with'
Diffstat (limited to 'roles/sshd')
-rw-r--r--roles/sshd/tasks/main.yml20
1 files changed, 11 insertions, 9 deletions
diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml
index e638905b..9d35e750 100644
--- a/roles/sshd/tasks/main.yml
+++ b/roles/sshd/tasks/main.yml
@@ -5,20 +5,22 @@
state: present
- name: hardening ssh-server config
+ vars:
+ sshd_options:
+ IgnoreRhosts: "yes"
+ PermitRootLogin: "without-password"
+ PubkeyAuthentication: "yes"
+ HostbasedAuthentication: "no"
+ PermitEmptyPasswords: "no"
+ UseDNS: "no"
+ loop: "{{ sshd_options | dict2items }}"
+ loop_control:
+ label: "{{ item.key }} = {{ item.value }}"
lineinfile:
regexp: "^#?\\s*{{ item.key }}"
line: "{{ item.key }} {{ item.value }}"
dest: /etc/ssh/sshd_config
mode: 0644
- with_dict:
- IgnoreRhosts: "yes"
- PermitRootLogin: "without-password"
- PubkeyAuthentication: "yes"
- HostbasedAuthentication: "no"
- PermitEmptyPasswords: "no"
- UseDNS: "no"
- loop_control:
- label: "{{ item.key }}"
notify: restart ssh
- name: limit allowed users
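Review bot: The `lineinfile` task edits `/etc/ssh/sshd_config` without a `validate:` step, so a bad option value is written as-is and `restart ssh` is then notified against the broken file. Adding `validate: '/usr/sbin/sshd -t -f %s'` (binary path assumed, adjust per distribution) makes the module check the candidate file before it replaces the live one. In `sshd_options`, `without-password` is the deprecated spelling of `prohibit-password` in current OpenSSH, and either value still allows root login by key. `mode: 0644` is better written `mode: "0644"` so the value does not depend on YAML octal parsing. The `limit allowed users` task that starts on the hunk's last line continues outside it.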