diff options
-rw-r--r-- | roles/sshd/tasks/main.yml | 16 | ||||
-rw-r--r-- | roles/vm/grub/tasks/main.yml | 18 |
2 files changed, 19 insertions, 15 deletions
diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml index 2c81f497..9d35e750 100644 --- a/roles/sshd/tasks/main.yml +++ b/roles/sshd/tasks/main.yml @@ -5,13 +5,15 @@ state: present - name: hardening ssh-server config - with_dict: - IgnoreRhosts: "yes" - PermitRootLogin: "without-password" - PubkeyAuthentication: "yes" - HostbasedAuthentication: "no" - PermitEmptyPasswords: "no" - UseDNS: "no" + vars: + sshd_options: + IgnoreRhosts: "yes" + PermitRootLogin: "without-password" + PubkeyAuthentication: "yes" + HostbasedAuthentication: "no" + PermitEmptyPasswords: "no" + UseDNS: "no" + loop: "{{ sshd_options | dict2items }}" loop_control: label: "{{ item.key }} = {{ item.value }}" lineinfile: diff --git a/roles/vm/grub/tasks/main.yml b/roles/vm/grub/tasks/main.yml index eb868d38..e663e808 100644 --- a/roles/vm/grub/tasks/main.yml +++ b/roles/vm/grub/tasks/main.yml @@ -1,15 +1,17 @@ --- - name: enable serial console in grub and for kernel - with_dict: - GRUB_TIMEOUT: 2 - GRUB_CMDLINE_LINUX: '"console=ttyS0,115200n8"' - GRUB_TERMINAL: serial - GRUB_SERIAL_COMMAND: >- - "serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1" + vars: + grub_options: + GRUB_TIMEOUT: 2 + GRUB_CMDLINE_LINUX: '"console=ttyS0,115200n8"' + GRUB_TERMINAL: serial + GRUB_SERIAL_COMMAND: >- + "serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1" + loop: "{{ grub_options | dict2items }}" + loop_control: + label: "{{ item.key }}" lineinfile: dest: /etc/default/grub regexp: "^{{ item.key }}=" line: "{{ item.key }}={{ item.value }}" notify: update grub - loop_control: - label: "{{ item.key }}" |