40 lines
827 B
YAML
40 lines
827 B
YAML
---
|
|
- name: Install OpenSSH server
|
|
apt:
|
|
name: openssh-server
|
|
|
|
- name: Enable OpenSSH Server
|
|
systemd:
|
|
name: sshd.service
|
|
enabled: true
|
|
state: started
|
|
|
|
- name: Install sshd configuration file
|
|
template:
|
|
src: sshd_config.j2
|
|
dest: /etc/ssh/sshd_config
|
|
owner: root
|
|
group: root
|
|
mode: u=r,g=,o=
|
|
validate: "/usr/sbin/sshd -tf %s"
|
|
notify: Restart sshd
|
|
|
|
- name: Install Users CA public key
|
|
copy:
|
|
content: "{{ openssh_users_ca_public_key }}"
|
|
dest: /etc/ssh/users_ca.pub
|
|
owner: root
|
|
group: root
|
|
mode: u=r,g=,o=
|
|
notify: Restart sshd
|
|
|
|
- name: Install authorized principals file
|
|
copy:
|
|
content: "{{ openssh_authorized_principals | join('\n') }}"
|
|
dest: /etc/ssh/authorized_principals
|
|
owner: root
|
|
group: root
|
|
mode: u=r,g=,o=
|
|
notify: Restart sshd
|
|
...
|