2023-07-03 22:20:02 +00:00
|
|
|
---
|
|
|
|
|
- name: Load a variable file based on the OS type, or a default if not found.
|
|
|
|
|
include_vars: "{{ item }}"
|
|
|
|
|
with_first_found:
|
2023-07-24 22:23:49 +00:00
|
|
|
- "{{ ansible_distribution }}-{{ ansible_facts.distribution_major_version }}.yml"
|
2023-07-03 22:20:02 +00:00
|
|
|
- "{{ ansible_distribution }}.yml"
|
|
|
|
|
- "{{ ansible_os_family }}.yml"
|
2023-07-24 22:23:49 +00:00
|
|
|
- "default.yml"
|
2023-07-03 22:20:02 +00:00
|
|
|
|
|
|
|
|
- name: Ensure sysadmin utility packages are installed.
|
|
|
|
|
ansible.builtin.package:
|
|
|
|
|
state: present
|
|
|
|
|
name: "{{ sysadmin_packages }}"
|
2023-07-14 17:12:06 +00:00
|
|
|
|
|
|
|
|
- name: Generate ed25519 SSH host key
|
|
|
|
|
ansible.builtin.command:
|
|
|
|
|
cmd: ssh-keygen -A
|
|
|
|
|
creates: /etc/ssh/ssh_host_ed25519_key
|
|
|
|
|
|
|
|
|
|
- name: Prefer ed25519 HostKeys in sshd_config
|
|
|
|
|
ansible.builtin.lineinfile:
|
|
|
|
|
path: /etc/ssh/sshd_config
|
|
|
|
|
regex: 'HostKey /etc/ssh/ssh_host_ed25519_key'
|
|
|
|
|
line: 'HostKey /etc/ssh/ssh_host_ed25519_key'
|
2023-07-14 17:53:53 +00:00
|
|
|
state: present
|
2023-07-15 15:43:00 +00:00
|
|
|
notify: restart ssh
|
