IaC/ansible/roles/sshd/tasks/main.yml

---
- name: install openssh arch
  become: true
  community.general.pacman:
    name: "{{ openssh_packages }}"
    state: latest
    update_cache: true
    reason: explicit
  when:
    - ansible_os_family == 'Arch'

- name: add authorized keys
  ansible.builtin.copy:
    dest: "/home/{{ ansible_user }}/.ssh/authorized_keys"
    src: "{{ authorized_keys_file }}"
    mode: 0600
    owner: "{{ ansible_user }}"
    group: "{{ ansible_user }}"

- name: configure openssh
  become: true
  ansible.builtin.copy:
    dest: "{{ openssh_configuration_file }}"
    src: "{{ openssh_configuration_src }}"
    mode: "{{ openssh_configuration_mode }}"
    owner: root
    group: root
  notify:
    - restart openssh

- name: start and enable openssh
  become: true
  ansible.builtin.service:
    name: "{{ openssh_service }}"
    state: started
    enabled: yes

- name: flush handlers
  ansible.builtin.meta: flush_handlers
  when:
    - openssh_restart_immediately
ansible openssh 2022-09-02 07:16:21 -04:00			`---`
sshd 2022-09-02 08:38:20 -04:00			`- name: install openssh arch`
add become statements 2022-09-02 09:42:23 -04:00			`become: true`
fix module name 2022-09-02 09:11:45 -04:00			`community.general.pacman:`
ansible openssh 2022-09-02 07:16:21 -04:00			`name: "{{ openssh_packages }}"`
			`state: latest`
			`update_cache: true`
sshd 2022-09-02 08:35:35 -04:00			`reason: explicit`
			`when:`
			`- ansible_os_family == 'Arch'`

			`- name: add authorized keys`
			`ansible.builtin.copy:`
			`dest: "/home/{{ ansible_user }}/.ssh/authorized_keys"`
			`src: "{{ authorized_keys_file }}"`
			`mode: 0600`
			`owner: "{{ ansible_user }}"`
			`group: "{{ ansible_user }}"`

			`- name: configure openssh`
add become statements 2022-09-02 09:42:23 -04:00			`become: true`
sshd 2022-09-02 08:35:35 -04:00			`ansible.builtin.copy:`
			`dest: "{{ openssh_configuration_file }}"`
			`src: "{{ openssh_configuration_src }}"`
			`mode: "{{ openssh_configuration_mode }}"`
			`owner: root`
			`group: root`
			`notify:`
			`- restart openssh`

			`- name: start and enable openssh`
add become statements 2022-09-02 09:42:23 -04:00			`become: true`
sshd 2022-09-02 08:35:35 -04:00			`ansible.builtin.service:`
			`name: "{{ openssh_service }}"`
			`state: started`
			`enabled: yes`

			`- name: flush handlers`
			`ansible.builtin.meta: flush_handlers`
			`when:`
			`- openssh_restart_immediately`