2 files changed, 19 insertions, 15 deletions

diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml
index 2c81f497..9d35e750 100644
--- a/roles/sshd/tasks/main.yml
+++ b/roles/sshd/tasks/main.yml
@@ -5,13 +5,15 @@
     state: present
 
 - name: hardening ssh-server config
-  with_dict:
-    IgnoreRhosts: "yes"
-    PermitRootLogin: "without-password"
-    PubkeyAuthentication: "yes"
-    HostbasedAuthentication: "no"
-    PermitEmptyPasswords: "no"
-    UseDNS: "no"
+  vars:
+    sshd_options:
+      IgnoreRhosts: "yes"
+      PermitRootLogin: "without-password"
+      PubkeyAuthentication: "yes"
+      HostbasedAuthentication: "no"
+      PermitEmptyPasswords: "no"
+      UseDNS: "no"
+  loop: "{{ sshd_options | dict2items }}"
   loop_control:
     label: "{{ item.key }} = {{ item.value }}"
   lineinfile:
diff --git a/roles/vm/grub/tasks/main.yml b/roles/vm/grub/tasks/main.yml
index eb868d38..e663e808 100644
--- a/roles/vm/grub/tasks/main.yml
+++ b/roles/vm/grub/tasks/main.yml
@@ -1,15 +1,17 @@
 ---
 - name: enable serial console in grub and for kernel
-  with_dict:
-    GRUB_TIMEOUT: 2
-    GRUB_CMDLINE_LINUX: '"console=ttyS0,115200n8"'
-    GRUB_TERMINAL: serial
-    GRUB_SERIAL_COMMAND: >-
-      "serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1"
+  vars:
+    grub_options:
+      GRUB_TIMEOUT: 2
+      GRUB_CMDLINE_LINUX: '"console=ttyS0,115200n8"'
+      GRUB_TERMINAL: serial
+      GRUB_SERIAL_COMMAND: >-
+        "serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1"
+  loop: "{{ grub_options | dict2items }}"
+  loop_control:
+    label: "{{ item.key }}"
   lineinfile:
     dest: /etc/default/grub
     regexp: "^{{ item.key }}="
     line: "{{ item.key }}={{ item.value }}"
   notify: update grub
-  loop_control:
-    label: "{{ item.key }}"