# Make sure the OpenSSH package is present, installed through pacman.
- name: install openssh
  pacman:
    name: openssh
    state: present
# Render sshd_config.j2 to /etc/ssh/sshd_config (root:root, 0644) and
# notify the "restart sshd" handler, which is not defined in this file.
# NOTE(review): the rendered file is installed without a syntax check,
# so a broken template only shows up when sshd is restarted, which can
# cut off remote access. The template module's `validate` option with
# `sshd -t -f %s` would catch that earlier; confirm host keys already
# exist at this point, since the sshd test mode also checks them.
- name: configure sshd
  template:
    src: sshd_config.j2
    dest: /etc/ssh/sshd_config
    owner: root
    group: root
    # Quoted so YAML keeps the mode as a string instead of an octal int.
    mode: '0644'
  notify:
    - restart sshd
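# Restrict the /etc/ssh directory to its owner. Only the directory entry
# is changed: no recurse is set, so the files inside keep their modes,
# and the owner is left as it is.
# The mode is 0700 rather than 0600: a directory needs the search (x)
# bit to be traversed, and 0600 leaves it with none at all. Group and
# other still get no access, as before.
# NOTE(review): with no access for other, unprivileged users cannot read
# anything under /etc/ssh (for example the system-wide ssh client
# configuration). Use '0755' if that lock-down is not intended, and set
# private host key files to 0600 individually.
- name: set file permissions
  file:
    path: /etc/ssh
    mode: '0700'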
# Render motd.j2 to /etc/motd, owned by root:root and world-readable.
- name: install motd
  template:
    src: motd.j2
    dest: /etc/motd
    owner: root
    group: root
    # Quoted so YAML keeps the mode as a string instead of an octal int.
    mode: '0644'
# Start the sshd service now and enable it at boot.
- name: start and enable sshd
  service:
    name: sshd
    state: started
    enabled: true
# Turn on CPU and memory accounting for the sshd unit via
# `systemctl set-property`.
# NOTE(review): the command module has no way to tell whether the
# property was already set, so this task reports "changed" on every run.
- name: enable systemd ressource accounting
  command: >-
    systemctl set-property sshd
    CPUAccounting=yes MemoryAccounting=yes
#- name: open firewall holes
# firewalld: service=ssh permanent=true state=enabled
# when: configure_firewall
#- name: add IP-Tables rule
# iptables:
# chain: INPUT
# protocol: tcp
# destination_port: 22
# ctstate: NEW
# syn: match
# jump: ACCEPT
# comment: Accept new SSH connections.