Move sshd to handler
This commit is contained in:
parent
bbc5f85972
commit
02aa2898a5
2
main.yml
2
main.yml
@ -1,5 +1,5 @@
|
||||
---
|
||||
- hosts: local
|
||||
- hosts: all
|
||||
vars:
|
||||
local_path: '/tmp/eee'
|
||||
roles:
|
||||
|
11
roles/secure/handlers/main.yml
Normal file
11
roles/secure/handlers/main.yml
Normal file
@ -0,0 +1,11 @@
|
||||
- name: Check sshd
|
||||
shell:
|
||||
cmd: sshd -t
|
||||
become: yes
|
||||
listen: "restart_sshd"
|
||||
- name: Restart sshd
|
||||
service:
|
||||
name: sshd
|
||||
state: restarted
|
||||
become: yes
|
||||
listen: "restart_sshd"
|
@ -6,6 +6,7 @@
|
||||
insertbefore: BOF
|
||||
state: 'present'
|
||||
line: 'Protocol 2'
|
||||
notify: restart_sshd
|
||||
- name: UseDNS no
|
||||
lineinfile:
|
||||
path: /etc/ssh/sshd_config
|
||||
@ -14,6 +15,7 @@
|
||||
insertbefore: BOF
|
||||
state: 'present'
|
||||
line: 'UseDNS no'
|
||||
notify: restart_sshd
|
||||
- name: PermitEmptyPasswords no
|
||||
lineinfile:
|
||||
path: /etc/ssh/sshd_config
|
||||
@ -22,6 +24,7 @@
|
||||
insertbefore: BOF
|
||||
state: 'present'
|
||||
line: 'PermitEmptyPasswords no'
|
||||
notify: restart_sshd
|
||||
- name: PermitRootLogin without-password
|
||||
lineinfile:
|
||||
path: /etc/ssh/sshd_config
|
||||
@ -30,3 +33,4 @@
|
||||
insertbefore: BOF
|
||||
state: 'present'
|
||||
line: 'PermitRootLogin without-password'
|
||||
notify: restart_sshd
|
||||
|
Loading…
Reference in New Issue
Block a user