# SSH must be installed and enabled for ansible to even connect so we don't bother with installing
# and starting it.

- name: Configure sshd
  template:
    src: ./filesystem/common/etc/ssh/sshd_config.d/99-local.conf.j2
    dest: /etc/ssh/sshd_config.d/99-local.conf
    mode: 0600
  register: sshd_conf

- name: Configure host-specific sshd
  template:
    src:  "{{ item }}"
    dest: /etc/ssh/sshd_config.d/{{ item | basename | regex_replace('\.j2','') }}
    mode: 0600
  with_fileglob:
    - "./filesystem/{{ ansible_hostname }}/etc/ssh/sshd_config.d/*.j2"
  register: sshd_special_conf

- name: Restart sshd
  systemd:
    name: sshd
    enabled: yes
    state: restarted
  when:
    sshd_conf is changed or
    sshd_special_conf is changed