42 lines
1.0 KiB
YAML
42 lines
1.0 KiB
YAML
---
|
|
- name: openssh - install
|
|
package: name=openssh-server
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: openssh - install
|
|
package: name=openssh
|
|
when: ansible_os_family != "Debian"
|
|
|
|
- name: openssh - start and enable
|
|
service: name=ssh state=started enabled=yes
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: openssh - start and enable
|
|
service: name=sshd state=started enabled=yes
|
|
when: ansible_os_family != "Debian"
|
|
|
|
- name: openssh - config
|
|
template:
|
|
dest: /etc/ssh/sshd_config
|
|
src: sshd_config.j2
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
validate: '/usr/sbin/sshd -T -f %s'
|
|
notify: reload openssh
|
|
|
|
- name: openssh - root keys
|
|
authorized_key: user=root key={{ common_openssh_keys_root | join("\n") }} exclusive=yes
|
|
when: common_openssh_keys_root
|
|
tags: 'ssh-keys'
|
|
|
|
- name: openssh - host keys
|
|
copy: src=known_hosts dest=/etc/ssh/ssh_known_hosts
|
|
failed_when: false
|
|
|
|
- name: openssh - truncate /etc/motd
|
|
copy: dest=/etc/motd content='' force=yes
|
|
|
|
- name: openssh - set shell to bash
|
|
user: name=root shell=/bin/bash
|