diff options
author | Christian Pointner <equinox@spreadspace.org> | 2019-06-01 17:52:28 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2019-06-01 17:52:28 +0200 |
commit | 22d4ec550391e5e013e46347a908179b0c769ff3 (patch) | |
tree | fdb33ea899b753295e29f433d35cf77f8eee6464 /roles/sshd | |
parent | fix cloud-install role (diff) | |
parent | with_dict -> loop (diff) |
Merge branch 'no-more-with'
Diffstat (limited to 'roles/sshd')
-rw-r--r-- | roles/sshd/tasks/main.yml | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml index e638905b..9d35e750 100644 --- a/roles/sshd/tasks/main.yml +++ b/roles/sshd/tasks/main.yml @@ -5,20 +5,22 @@ state: present - name: hardening ssh-server config + vars: + sshd_options: + IgnoreRhosts: "yes" + PermitRootLogin: "without-password" + PubkeyAuthentication: "yes" + HostbasedAuthentication: "no" + PermitEmptyPasswords: "no" + UseDNS: "no" + loop: "{{ sshd_options | dict2items }}" + loop_control: + label: "{{ item.key }} = {{ item.value }}" lineinfile: regexp: "^#?\\s*{{ item.key }}" line: "{{ item.key }} {{ item.value }}" dest: /etc/ssh/sshd_config mode: 0644 - with_dict: - IgnoreRhosts: "yes" - PermitRootLogin: "without-password" - PubkeyAuthentication: "yes" - HostbasedAuthentication: "no" - PermitEmptyPasswords: "no" - UseDNS: "no" - loop_control: - label: "{{ item.key }}" notify: restart ssh - name: limit allowed users |