- name: install openssh
  pacman: name=openssh state=present

- name: configure sshd
  template: src=sshd_config.j2 dest=/etc/ssh/sshd_config owner=root group=root mode=0644
  notify:
    - restart sshd

- name: set file permissions
  file: path=/etc/ssh mode=0600

- name: install motd
  template: src=motd.j2 dest=/etc/motd owner=root group=root mode=0644

- name: start and enable sshd
  service: name=sshd enabled=yes state=started

- name: enable systemd ressource accounting
  command: systemctl set-property sshd CPUAccounting=yes MemoryAccounting=yes

#- name: open firewall holes
#  firewalld: service=ssh permanent=true state=enabled
#  when: configure_firewall

#- name: add IP-Tables rule
#  iptables:
#    chain: INPUT
#    protocol: tcp
#    destination_port: 22
#    ctstate: NEW
#    syn: match
#    jump: ACCEPT
#    comment: Accept new SSH connections.