Refs #8025 Rol debian-base. Task ssh to conf.d directory

2024-10-10 15:48:34 +02:00 · 2024-10-10 15:48:34 +02:00 · 94ca22734d
parent e195130241
commit 94ca22734d
1 changed files with 11 additions and 7 deletions
--- a/roles/debian-base/tasks/ssh.yml
+++ b/roles/debian-base/tasks/ssh.yml
@ -5,13 +5,17 @@
    size: 4096
  register: new_pair
 - name: Configure sshd_config settings
-  lineinfile:
-    path: /etc/ssh/sshd_config
-    regexp: "{{ item.regexp }}"
-    line: "{{ item.line }}"
-  loop:
-    - { regexp: '^#ListenAddress 0.0.0.0', line: 'ListenAddress 0.0.0.0' }
-    - { regexp: '^#SyslogFacility AUTH', line: 'SyslogFacility AUTH' }
+  copy:
+    dest: /etc/ssh/sshd_config.d/custom.conf
+    content: |
+      # Do not edit this file! Ansible will overwrite it.
+      
+      ListenAddress 0.0.0.0
+      SyslogFacility AUTH
+      permitRootLogin yes
+  owner: root
+  group: root
+  mode: '0644'
 - name: Delete old host SSH keys
  file:
    path: "{{ item }}"