roles/sshd/tasks/main.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38

---

- name: install openssh
  ansible.builtin.package:
    name: openssh
    state: present
  when: ansible_distribution in ["Archlinux"]

- name: generate sshd configuration
  ansible.builtin.template:
    src: sshd_config.j2
    dest: "{{ sshd_configuration_file }}"
    owner: 0
    group: 0
    mode: "0644"
  register: sshd_result_generate_configuration

- name: lint sshd configuration
  ansible.builtin.command: "sshd -tf {{ sshd_configuration_file }}"
  register: sshd_result_lint
  changed_when: false

- name: restart sshd  # noqa: no-handler
  ansible.builtin.service:
    name: sshd
    state: restarted
  when: sshd_result_generate_configuration.changed

- name: enable sshd
  ansible.builtin.service:
    name: sshd
    enabled: true

- name: check ssh connection
  ansible.builtin.wait_for:
    port: "{{ sshd_listen_port }}"
    delay: 1
    state: started