43 lines
1.1 KiB
YAML
43 lines
1.1 KiB
YAML
---
|
|
- name: openssh - install
|
|
package: name=openssh-server
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: openssh - install
|
|
package: name=openssh
|
|
when: ansible_os_family != "Debian"
|
|
|
|
- name: openssh - start and enable
|
|
service: name=ssh state=started enabled=yes
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: openssh - start and enable
|
|
service: name=sshd state=started enabled=yes
|
|
when: ansible_os_family != "Debian"
|
|
|
|
- name: openssh - config
|
|
template:
|
|
dest: /etc/ssh/sshd_config
|
|
src: sshd_config.j2
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
validate: '/usr/sbin/sshd -T -f %s'
|
|
notify: restart openssh
|
|
|
|
- name: openssh - root keys
|
|
authorized_key: "user=root key={{ item.key }} state={{ item.state | default('present') }}"
|
|
with_items: "{{ common_openssh_keys_root }}"
|
|
when: common_openssh_keys_root
|
|
tags: 'ssh-keys'
|
|
|
|
- name: openssh - host keys
|
|
copy: src=known_hosts dest=/etc/ssh/ssh_known_hosts
|
|
failed_when: false
|
|
|
|
- name: openssh - truncate /etc/motd
|
|
copy: dest=/etc/motd content='' force=yes
|
|
|
|
- name: openssh - set shell to bash
|
|
user: name=root shell=/bin/bash
|