Still play with vars precedence and try backrefs for lineinfile
This commit is contained in:
parent
8c7c4d7777
commit
fad2dc0217
|
|
@ -2,12 +2,12 @@
|
|||
- hosts: localhost
|
||||
connection: local
|
||||
|
||||
vars:
|
||||
- deploy_public_key: files/id_ed25519_home.pub
|
||||
|
||||
vars_files:
|
||||
- vars/common.yml
|
||||
|
||||
extra_vars:
|
||||
- deploy_public_key: files/id_ed25519_home.pub
|
||||
|
||||
tasks:
|
||||
- include: tasks/arch_CLI_packages.yml
|
||||
- include: tasks/zsh.yml
|
||||
|
|
|
|||
|
|
@ -1,20 +1,22 @@
|
|||
---
|
||||
- name: Copy sshd_config
|
||||
template:
|
||||
src: files/sshd_config
|
||||
dest: /etc/ssh/sshd_config
|
||||
# - name: Copy sshd_config
|
||||
# template:
|
||||
# src: files/sshd_config
|
||||
# dest: /etc/ssh/sshd_config
|
||||
|
||||
- name: Disable empty password login
|
||||
lineinfile:
|
||||
dest: /etc/ssh/sshd_config
|
||||
regexp: "^#?PermitEmptyPasswords"
|
||||
line: "PermitEmptyPasswords no"
|
||||
backrefs: yes
|
||||
|
||||
- name: Disable remote root login
|
||||
lineinfile:
|
||||
dest: /etc/ssh/sshd_config
|
||||
regexp: "^#?PermitRootLogin"
|
||||
line: "PermitRootLogin no"
|
||||
backrefs: yes
|
||||
|
||||
- name: debug
|
||||
debug:
|
||||
|
|
@ -33,6 +35,7 @@
|
|||
dest: /etc/ssh/sshd_config
|
||||
regexp: "^#?PasswordAuthentication"
|
||||
line: "PasswordAuthentication no"
|
||||
backrefs: yes
|
||||
when: add_identity_key is success and not add_identity_key is skipped
|
||||
notify: restart sshd
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue