path: root/roles/sshd/tasks/main.yml

---

- name: install openssh
  ansible.builtin.package:
    name: openssh
    state: present
  when: ansible_distribution in ["Archlinux"]

- name: generate sshd configuration
  ansible.builtin.template:
    src: sshd_config.j2
    dest: "{{ sshd__configuration_file }}"
    owner: 0
    group: 0
    mode: "0644"
  register: sshd__result_generate_configuration

- name: lint sshd configuration
  ansible.builtin.command: "sshd -tf {{ sshd__configuration_file }}"
  register: sshd__result_lint
  changed_when: false

- name: restart sshd  # noqa: no-handler
  ansible.builtin.service:
    name: sshd
    state: restarted
  when: sshd__result_generate_configuration.changed

- name: enable sshd
  ansible.builtin.service:
    name: sshd
    enabled: true

- name: check ssh connection
  ansible.builtin.wait_for:
    port: "{{ sshd__listen_port }}"
    delay: 1
    state: started