init

2026-02-19 11:34:13 +00:00
commit f243f440c3
191 changed files with 6183 additions and 0 deletions
--- a/ansible/roles/harden/sshd_config/tasks/main.yml
+++ b/ansible/roles/harden/sshd_config/tasks/main.yml
@@ -0,0 +1,25 @@
+---
+- name: ensure sshd_config.d directory exists
+  become: true
+  file:
+    path: "/etc/ssh/sshd_config.d"
+    state: directory
+    owner: root
+    group: root
+    mode: "0755"
+
+- name: deploy sshd config file
+  become: true
+  template:
+    src: "00-sshd_config-hardening.conf.j2"
+    dest: "/etc/ssh/sshd_config.d/00-sshd_config-hardening.conf"
+    owner: root
+    group: root
+    mode: "0644"
+    validate: "sshd -t -f %s"
+
+- name: restart SSH service
+  become: true
+  service:
+    name: ssh
+    state: restarted