2024-02-15 02:51:39 +01:00
|
|
|
---
|
|
|
|
- name: Get sshd version
|
|
|
|
ansible.builtin.command:
|
|
|
|
cmd: "/usr/bin/ssh -V"
|
|
|
|
register: _sshd_version_cmd
|
|
|
|
changed_when: false
|
|
|
|
|
|
|
|
- name: Strip sshd output to Version
|
|
|
|
ansible.builtin.set_fact:
|
|
|
|
_sshd_version: "{{ _sshd_version_cmd.stderr.split('_')[1].split(',')[0].split('p')[0] }}"
|
|
|
|
|
2024-04-09 18:23:58 +02:00
|
|
|
- name: Show detected ssh version (optional)
|
2024-02-15 02:51:39 +01:00
|
|
|
ansible.builtin.debug:
|
|
|
|
msg: "SSH Version: {{ _sshd_version }}"
|
|
|
|
verbosity: 1
|
|
|
|
|
2024-04-09 18:23:58 +02:00
|
|
|
- name: Show detected ssh version is > 8.0 (optional)
|
|
|
|
ansible.builtin.debug:
|
|
|
|
msg: "SSH Version: {{ _sshd_version }} is > 8.0"
|
|
|
|
verbosity: 1
|
|
|
|
when: _sshd_version | default(7.0) | float > 8.0
|
|
|
|
|
2024-02-15 03:37:33 +01:00
|
|
|
- name: Create SSHD configuration
|
|
|
|
become: true
|
|
|
|
ansible.builtin.template:
|
|
|
|
src: 'templates/sshd_config.j2'
|
|
|
|
dest: '/etc/ssh/sshd_config'
|
|
|
|
owner: 'root'
|
|
|
|
group: 'root'
|
|
|
|
mode: 'u=rw,g=r,o=r'
|
|
|
|
validate: '/usr/sbin/sshd -t -f %s'
|
|
|
|
backup: true
|
|
|
|
notify:
|
|
|
|
- 'systemctl restart sshd'
|