ansible-edda/playbooks/tasks/hosts/sshd.yml

# SSH must be installed and enabled for ansible to even connect so we don't bother with installing
# and starting it.

- name: Configure sshd
  template:
    src: ./filesystem/common/etc/ssh/sshd_config.d/99-local.conf.j2
    dest: /etc/ssh/sshd_config.d/99-local.conf
    mode: 0600
  register: sshd_conf

- name: Configure host-specific sshd
  template:
    src:  "{{ item }}"
    dest: /etc/ssh/sshd_config.d/{{ item | basename | regex_replace('\.j2','') }}
    mode: 0600
  with_fileglob:
    - "./filesystem/{{ ansible_hostname }}/etc/ssh/sshd_config.d/*.j2"
  register: sshd_special_conf

- name: Restart sshd
  systemd:
    name: sshd
    enabled: yes
    state: restarted
  when:
    sshd_conf is changed or
    sshd_special_conf is changed
Split machine playbook 2022-09-11 20:55:30 +02:00			`# SSH must be installed and enabled for ansible to even connect so we don't bother with installing`
			`# and starting it.`

			`- name: Configure sshd`
			`template:`
Extend services to yggdrasil and add local proxy 2022-10-02 14:56:43 +02:00			`src: ./filesystem/common/etc/ssh/sshd_config.d/99-local.conf.j2`
			`dest: /etc/ssh/sshd_config.d/99-local.conf`
Split machine playbook 2022-09-11 20:55:30 +02:00			`mode: 0600`
			`register: sshd_conf`

Extend services to yggdrasil and add local proxy 2022-10-02 14:56:43 +02:00			`- name: Configure host-specific sshd`
			`template:`
			`src: "{{ item }}"`
			`dest: /etc/ssh/sshd_config.d/{{ item \| basename \| regex_replace('\.j2','') }}`
			`mode: 0600`
			`with_fileglob:`
			`- "./filesystem/{{ ansible_hostname }}/etc/ssh/sshd_config.d/*.j2"`
			`register: sshd_special_conf`

Split machine playbook 2022-09-11 20:55:30 +02:00			`- name: Restart sshd`
			`systemd:`
			`name: sshd`
			`enabled: yes`
			`state: restarted`
			`when:`
Extend services to yggdrasil and add local proxy 2022-10-02 14:56:43 +02:00			`sshd_conf is changed or`
			`sshd_special_conf is changed`