---
#  - name: Change ssh port
#    lineinfile: dest=/etc/ssh/sshd_config
#              regexp="^Port\s"
#              line="Port {{ centos_common_ssh_port }}"
#              state=present
#    notify: Restart ssh

#  - name: Disallow password authentication
#    lineinfile: dest=/etc/ssh/sshd_config
#              regexp="^PasswordAuthentication"
#              line="PasswordAuthentication no"
#              state=present
#    notify: Restart ssh

#- name: Allow SSH root access without password
#  lineinfile: dest=/etc/ssh/sshd_config
#            regexp="^PermitRootLogin"
#            line="PermitRootLogin without-password"
#            state=present
#  notify: Restart ssh

- name: Installation de la configuration ssh
  template:
    src: "{{ item }}"
    dest: /etc/ssh/sshd_config
    owner: root
    group: root
    mode: 0600
    backup: 'yes'
    validate: '/usr/sbin/sshd -t -f %s'

  with_first_found:
  - files:
    - sshd_config-{{ ansible_hostname }}.j2
    - sshd_config-{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.j2
    - sshd_config.j2
#    paths:
#      - ../templates
  notify: Restart ssh

#- name: Installation de la configuration ssh
#  template: src="templates/sshd_config--{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.j2" dest=/etc/ssh/sshd_config owner=root group=root mode=0600
#  when:
#    - ansible_os_family == "RedHat"
#    - ansible_distribution_major_version == "7"
#  notify: Restart ssh