initial ansible setup

author: Johannes Stoelp <johannes.stoelp@gmail.com> 2022-12-05 21:42:17 +0100
committer: Johannes Stoelp <johannes.stoelp@gmail.com> 2022-12-05 21:42:17 +0100
commit: 3b040fac09eb158caf963d7c956610f99f8e0c17 (patch)
tree: a39b2297abf2d404e1c974aebdd2fb17ffa2de69 /roles/sshd
download: ansible-memzero-3b040fac09eb158caf963d7c956610f99f8e0c17.tar.gz
ansible-memzero-3b040fac09eb158caf963d7c956610f99f8e0c17.zip
2 files changed, 19 insertions, 0 deletions
diff --git a/roles/sshd/handlers/main.yml b/roles/sshd/handlers/main.yml
new file mode 100644
index 0000000..429dd83
--- /dev/null
+++ b/roles/sshd/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: Restart sshd
+  become: True
+  ansible.builtin.service:
+    name: sshd
+    state: restarted
+\ No newline at end of file
diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml
new file mode 100644
index 0000000..c4dd9ea
--- /dev/null
+++ b/roles/sshd/tasks/main.yml
@@ -0,0 +1,13 @@
+---
+- name: Configure sshd
+  become: True
+  lineinfile:
+    dest: "/etc/ssh/sshd_config"
+    regexp: "{{ item.regex }}"
+    line: "{{ item.line }}"
+  notify: Restart sshd
+  loop:
+    - { regex: '^(#\s*)?PermitEmptyPasswords'  , line: 'PermitEmptyPasswords no' }
+    - { regex: '^(#\s*)?PermitRootLogin'       , line: 'PermitRootLogin no' }
+    - { regex: '^(#\s*)?PasswordAuthentication', line: 'PasswordAuthentication no' }
+    - { regex: '^(#\s*)?UsePAM'                , line: 'UsePAM yes' }
+\ No newline at end of file
author	Johannes Stoelp <johannes.stoelp@gmail.com>	2022-12-05 21:42:17 +0100
committer	Johannes Stoelp <johannes.stoelp@gmail.com>	2022-12-05 21:42:17 +0100
commit	3b040fac09eb158caf963d7c956610f99f8e0c17 (patch)
tree	a39b2297abf2d404e1c974aebdd2fb17ffa2de69 /roles/sshd
download	ansible-memzero-3b040fac09eb158caf963d7c956610f99f8e0c17.tar.gz ansible-memzero-3b040fac09eb158caf963d7c956610f99f8e0c17.zip