Changeset 13849 for main/waeup-ansible


Ignore:
Timestamp:
24 Apr 2016, 15:05:32 (8 years ago)
Author:
uli
Message:

Use sshd restart as a handler.

This way sshd is only restarted if something really changed, sshd
config wise.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • main/waeup-ansible/bootstrap.yml

    r13848 r13849  
    1717    deploy_user: 'deploy'
    1818    deploy_public_key: "{{ lookup('file', 'files/id-deploy.pub') }}"
     19
     20  handlers:
     21    - name: "restart sshd"
     22      service:
     23        name="ssh"
     24        enabled=yes
     25        state=restarted
     26
    1927  tasks:
    20 
    2128    - name: "bootstrap | create 'deploy' user"
    2229      user:
     
    4451        regexp='^HostKey /etc/ssh/ssh_host_dsa_key'
    4552        state=present
     53      notify: "restart sshd"
    4654
    4755    - name: "bootstrap | disable ecdsa keys in sshd_config"
     
    5260        regexp='^HostKey /etc/ssh/ssh_host_ecdsa_key'
    5361        state=present
     62      notify: "restart sshd"
    5463
    5564    - name: "bootstrap | set key bits in sshd_config to 4096"
     
    6069        regexp='^ServerKeyBits 1024'
    6170        state=present
     71      notify: "restart sshd"
    6272
    6373    - name: "bootstrap | remove short moduli (<2048 bits) from /etc/ssh/moduli"
     
    6575        dest=/etc/ssh/moduli
    6676        regexp='^([0-9]+\s){4}(1[0-9]{3}\s)'
    67 
    68     - name: "bootstrap | restart sshd"
    69       service:
    70         name="ssh"
    71         enabled=yes
    72         state=restarted
     77      notify: "restart sshd"
Note: See TracChangeset for help on using the changeset viewer.