accounts: use a variable for sshd PermitRootLogin
This commit is contained in:
parent
aed61c3df6
commit
3d941a99a3
2
roles/accounts/defaults/main.yml
Normal file
2
roles/accounts/defaults/main.yml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
---
|
||||||
|
evobsd_root_login: "no"
|
|
@ -107,8 +107,8 @@
|
||||||
- name: "Disable root login"
|
- name: "Disable root login"
|
||||||
replace:
|
replace:
|
||||||
dest: /etc/ssh/sshd_config
|
dest: /etc/ssh/sshd_config
|
||||||
regexp: '^PermitRootLogin (yes|without-password|prohibit-password)'
|
regexp: '^PermitRootLogin\s+(yes|without-password|prohibit-password)'
|
||||||
replace: "PermitRootLogin no"
|
replace: "PermitRootLogin {{ evobsd_root_login }}"
|
||||||
notify: reload sshd
|
notify: reload sshd
|
||||||
tags:
|
tags:
|
||||||
- accounts
|
- accounts
|
||||||
|
|
Loading…
Reference in a new issue