rene/ansible-pull
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
7f404ad775f71348c06037e6a017f8b8fa54575c
ansible-pull/roles/base/tasks/system_setup/openssh.yml
Rene Mewissen 08490e0402 sudoers
2022-10-27 18:17:00 +02:00

61 lines
1.5 KiB
YAML
Raw Blame History

- name: system setup | openssh | install or update daemon package
tags: openssh,ssh,system,settings
package:
name: "{{ openssh_package }}"
state: latest
notify: restart_sshd
- name: system setup | openssh | enable daemon
tags: openssh,ssh,system,settings
service:
name: "{{ openssh_service }}"
enabled: yes
state: started
- name: system setup | openssh | create config dir
file:
path: "/etc/ssh/sshd_config.d"
state: directory
- name: system setup | openssh | include sshd config dir in configuration
lineinfile:
path: "/etc/ssh/sshd_config"
line: "Include /etc/ssh/sshd_config.d/*.conf"
state: present
insertbefore: "^#?Port.*$"
notify: restart_sshd
- name: system setup | openssh | copy sshd custom config
tags: openssh,ssh,system,settings
copy:
src: system_setup/sshd_custom.conf
dest: /etc/ssh/sshd_config.d/custom.conf
owner: root
group: root
mode: '0644'
notify: restart_sshd
- name: system setup | openssh | install fail2ban
tags: fail2ban,ssh,system,settings
package:
name: fail2ban
state: latest
notify: restart_fail2ban
- name: system setup | openssh | enable fail2ban
tags: fail2ban,ssh,system,settings
service:
name: fail2ban
enabled: yes
notify: restart_fail2ban
- name: system setup | openssh | copy local jail for fail2ban
tags: fail2ban,ssh,system,settings
copy:
src: system_setup/jail.local
dest: /etc/fail2ban/jail.local
owner: root
group: root
mode: '0644'
notify: restart_fail2ban
Reference in New Issue View Git Blame Copy Permalink