Externalize role

2018-10-08 19:35:24 +02:00 · 2018-10-08 19:35:24 +02:00 · 766a6874df
commit 766a6874df
5 changed files with 355 additions and 0 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -0,0 +1,39 @@
+---
+#  - name: Change ssh port
+#    lineinfile: dest=/etc/ssh/sshd_config
+#              regexp="^Port\s"
+#              line="Port {{ centos_common_ssh_port }}"
+#              state=present
+#    notify: Restart ssh
+
+#  - name: Disallow password authentication
+#    lineinfile: dest=/etc/ssh/sshd_config
+#              regexp="^PasswordAuthentication"
+#              line="PasswordAuthentication no"
+#              state=present
+#    notify: Restart ssh
+
+#- name: Allow SSH root access without password
+#  lineinfile: dest=/etc/ssh/sshd_config
+#            regexp="^PermitRootLogin"
+#            line="PermitRootLogin without-password"
+#            state=present
+#  notify: Restart ssh
+
+- name: Installation de la configuration ssh
+  template: src="{{ item }}" dest=/etc/ssh/sshd_config owner=root group=root mode=0600
+  with_first_found:
+  - files:
+    - sshd_config-{{ ansible_hostname }}.j2
+    - sshd_config-{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.j2
+    - sshd_config.j2
+#    paths:
+#      - ../templates
+  notify: Restart ssh
+
+#- name: Installation de la configuration ssh
+#  template: src="templates/sshd_config--{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.j2" dest=/etc/ssh/sshd_config owner=root group=root mode=0600
+#  when:
+#    - ansible_os_family == "RedHat"
+#    - ansible_distribution_major_version == "7"
+#  notify: Restart ssh