33 lines
707 B
YAML
Executable File
33 lines
707 B
YAML
Executable File
---
|
|
- name: Configure ssh root login to {{sshrootlogin}}
|
|
lineinfile:
|
|
dest: /etc/ssh/sshd_config
|
|
regexp: '^(#)?PermitRootLogin.*'
|
|
line: 'PermitRootLogin {{sshrootlogin}}'
|
|
insertbefore: '^Match.*'
|
|
state: present
|
|
owner: root
|
|
group: root
|
|
mode: 0640
|
|
notify: restart sshd
|
|
|
|
- name: SSH Listen on Main Port
|
|
lineinfile:
|
|
dest: /etc/ssh/sshd_config
|
|
insertbefore: '^#*AddressFamily'
|
|
line: 'Port {{sshmainport}}'
|
|
state: present
|
|
owner: root
|
|
group: root
|
|
mode: 0640
|
|
notify: restart sshd
|
|
|
|
- name: SSH AllowUsers Setting
|
|
copy:
|
|
src: allow_users.conf
|
|
dest: /etc/ssh/sshd_config.d/allow_users.conf
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
|