26 lines
516 B
YAML
26 lines
516 B
YAML
---
|
|
- name: ensure sshd_config.d directory exists
|
|
become: true
|
|
file:
|
|
path: "/etc/ssh/sshd_config.d"
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: "0755"
|
|
|
|
- name: deploy sshd config file
|
|
become: true
|
|
template:
|
|
src: "00-sshd_config-hardening.conf.j2"
|
|
dest: "/etc/ssh/sshd_config.d/00-sshd_config-hardening.conf"
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
validate: "sshd -t -f %s"
|
|
|
|
- name: restart SSH service
|
|
become: true
|
|
service:
|
|
name: ssh
|
|
state: restarted
|