diff options
Diffstat (limited to 'roles')
-rw-r--r-- | roles/core/sshd/base/tasks/main.yml | 30 |
1 files changed, 15 insertions, 15 deletions
diff --git a/roles/core/sshd/base/tasks/main.yml b/roles/core/sshd/base/tasks/main.yml index 15ae6032..9793d831 100644 --- a/roles/core/sshd/base/tasks/main.yml +++ b/roles/core/sshd/base/tasks/main.yml @@ -7,6 +7,21 @@ - "{{ ansible_os_family }}.yml" include_vars: "{{ item }}" +- name: install config barriers for other roles to use + loop: + - line: "### ansible core/sshd/base config barrier ###" + insertbefore: "### ansible core/sshd config barrier ###" + - line: "### ansible core/sshd config barrier ###" + insertafter: "### ansible core/sshd/base config barrier ###" + loop_control: + label: "{{ item.line }}" + lineinfile: + dest: /etc/ssh/sshd_config + line: "{{ item.line }}" + insertbefore: "{{ item.insertbefore | default(omit) }}" + insertafter: "{{ item.insertafter | default(omit) }}" + notify: restart ssh + - name: hardening ssh-server config vars: sshd_options: @@ -68,21 +83,6 @@ state: absent notify: restart ssh -- name: install config barriers for other roles to use - loop: - - line: "### ansible core/sshd/base config barrier ###" - insertbefore: "### ansible core/sshd config barrier ###" - - line: "### ansible core/sshd config barrier ###" - insertafter: "### ansible core/sshd/base config barrier ###" - loop_control: - label: "{{ item.line }}" - lineinfile: - dest: /etc/ssh/sshd_config - line: "{{ item.line }}" - insertbefore: "{{ item.insertbefore | default(omit) }}" - insertafter: "{{ item.insertafter | default(omit) }}" - notify: restart ssh - - name: install ssh keys for root authorized_key: user: root |