1
0
Fork 0
mirror of https://github.com/roles-ansible/ansible_collection_users.git synced 2024-08-16 10:29:50 +02:00
ansible_collection_users/roles/sshd/tasks/sshd_config.yml

35 lines
934 B
YAML
Raw Normal View History

2024-02-15 02:51:39 +01:00
---
- name: Get sshd version
ansible.builtin.command:
cmd: "/usr/bin/ssh -V"
register: _sshd_version_cmd
changed_when: false
- name: Strip sshd output to Version
ansible.builtin.set_fact:
_sshd_version: "{{ _sshd_version_cmd.stderr.split('_')[1].split(',')[0].split('p')[0] }}"
2024-04-09 18:23:58 +02:00
- name: Show detected ssh version (optional)
2024-02-15 02:51:39 +01:00
ansible.builtin.debug:
msg: "SSH Version: {{ _sshd_version }}"
verbosity: 1
2024-04-09 18:23:58 +02:00
- name: Show detected ssh version is > 8.0 (optional)
ansible.builtin.debug:
msg: "SSH Version: {{ _sshd_version }} is > 8.0"
verbosity: 1
when: _sshd_version | default(7.0) | float > 8.0
2024-02-15 03:37:33 +01:00
- name: Create SSHD configuration
become: true
ansible.builtin.template:
src: 'templates/sshd_config.j2'
dest: '/etc/ssh/sshd_config'
owner: 'root'
group: 'root'
mode: 'u=rw,g=r,o=r'
validate: '/usr/sbin/sshd -t -f %s'
backup: true
notify:
- 'systemctl restart sshd'