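# SSH host-key and sshd drop-in configuration tasks.
# The end state is a host that presents only the RSA-4096 host key: the RSA
# key is created if missing, a managed drop-in is written, and the ECDSA and
# Ed25519 host keys are removed.

# Creates /etc/ssh/ssh_host_rsa_key (and its .pub) when absent or when it does
# not match the requested type/size. The result is registered so the cleanup
# task below can be gated on it.
- name: Generate a new SSH key pair
  openssh_keypair:
    path: /etc/ssh/ssh_host_rsa_key
    type: rsa
    size: 4096
  register: new_pair
  # sshd reads host keys at start-up, so a freshly written key is only served
  # after the daemon restarts. The handler fires only when this task changes.
  notify: restart sshd

# Writes a managed drop-in; the first line of the file warns operators that
# manual edits are overwritten on the next run.
# NOTE(review): the fragment is only read if the main sshd_config includes
# /etc/ssh/sshd_config.d/*.conf - confirm on the target distribution.
# NOTE(review): ListenAddress 0.0.0.0 binds every IPv4 interface; restrict it
# to a management address if the host is multi-homed.
# NOTE(review): consider a `validate:` step running sshd's test mode against
# the rendered file, so a bad fragment cannot take the daemon down on restart.
- name: Configure sshd_config settings
  copy:
    dest: /etc/ssh/sshd_config.d/vn-custom.conf
    content: |
      # Do not edit this file! Ansible will overwrite it.
      ListenAddress 0.0.0.0
      SyslogFacility AUTH
    owner: root
    group: root
    mode: u=rw,g=r,o=r
  notify: restart sshd

# Removes the ECDSA and Ed25519 host keys, private and public halves.
# `new_pair is succeeded` holds whenever the key task did not fail, including
# runs where the RSA key already existed, so this is enforced on every run and
# never executes without an RSA key to fall back on.
# NOTE(review): clients that pinned the removed keys in known_hosts will see a
# host-key change, so publish the RSA fingerprint beforehand. Dropping Ed25519
# as well as ECDSA is unusual for a hardening baseline - confirm it is intended.
- name: Delete old host SSH keys
  file:
    path: "{{ item }}"
    state: absent
  loop:
    - /etc/ssh/ssh_host_ecdsa_key
    - /etc/ssh/ssh_host_ecdsa_key.pub
    - /etc/ssh/ssh_host_ed25519_key
    - /etc/ssh/ssh_host_ed25519_key.pub
  when: new_pair is succeeded
  notify: restart sshd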