Move sshd to handler
This commit is contained in:
parent
bbc5f85972
commit
02aa2898a5
2
main.yml
2
main.yml
@ -1,5 +1,5 @@
|
|||||||
---
|
---
|
||||||
- hosts: local
|
- hosts: all
|
||||||
vars:
|
vars:
|
||||||
local_path: '/tmp/eee'
|
local_path: '/tmp/eee'
|
||||||
roles:
|
roles:
|
||||||
|
11
roles/secure/handlers/main.yml
Normal file
11
roles/secure/handlers/main.yml
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
- name: Check sshd
|
||||||
|
shell:
|
||||||
|
cmd: sshd -t
|
||||||
|
become: yes
|
||||||
|
listen: "restart_sshd"
|
||||||
|
- name: Restart sshd
|
||||||
|
service:
|
||||||
|
name: sshd
|
||||||
|
state: restarted
|
||||||
|
become: yes
|
||||||
|
listen: "restart_sshd"
|
@ -6,6 +6,7 @@
|
|||||||
insertbefore: BOF
|
insertbefore: BOF
|
||||||
state: 'present'
|
state: 'present'
|
||||||
line: 'Protocol 2'
|
line: 'Protocol 2'
|
||||||
|
notify: restart_sshd
|
||||||
- name: UseDNS no
|
- name: UseDNS no
|
||||||
lineinfile:
|
lineinfile:
|
||||||
path: /etc/ssh/sshd_config
|
path: /etc/ssh/sshd_config
|
||||||
@ -14,6 +15,7 @@
|
|||||||
insertbefore: BOF
|
insertbefore: BOF
|
||||||
state: 'present'
|
state: 'present'
|
||||||
line: 'UseDNS no'
|
line: 'UseDNS no'
|
||||||
|
notify: restart_sshd
|
||||||
- name: PermitEmptyPasswords no
|
- name: PermitEmptyPasswords no
|
||||||
lineinfile:
|
lineinfile:
|
||||||
path: /etc/ssh/sshd_config
|
path: /etc/ssh/sshd_config
|
||||||
@ -22,6 +24,7 @@
|
|||||||
insertbefore: BOF
|
insertbefore: BOF
|
||||||
state: 'present'
|
state: 'present'
|
||||||
line: 'PermitEmptyPasswords no'
|
line: 'PermitEmptyPasswords no'
|
||||||
|
notify: restart_sshd
|
||||||
- name: PermitRootLogin without-password
|
- name: PermitRootLogin without-password
|
||||||
lineinfile:
|
lineinfile:
|
||||||
path: /etc/ssh/sshd_config
|
path: /etc/ssh/sshd_config
|
||||||
@ -30,3 +33,4 @@
|
|||||||
insertbefore: BOF
|
insertbefore: BOF
|
||||||
state: 'present'
|
state: 'present'
|
||||||
line: 'PermitRootLogin without-password'
|
line: 'PermitRootLogin without-password'
|
||||||
|
notify: restart_sshd
|
||||||
|
Loading…
Reference in New Issue
Block a user