mirror of
https://github.com/willshersystems/ansible-sshd
synced 2024-11-25 12:30:19 +01:00
26 lines
817 B
YAML
26 lines
817 B
YAML
|
---
|
||
|
- name: Ensure the ssh service or custom ports are opened in firewall
|
||
|
block:
|
||
|
- name: Enable the ssh service on default port
|
||
|
ansible.builtin.include_role:
|
||
|
name: fedora.linux_system_roles.firewall
|
||
|
vars:
|
||
|
firewall:
|
||
|
- service: ssh
|
||
|
state: enabled
|
||
|
when:
|
||
|
- __sshd_ports_from_config | from_json == [22]
|
||
|
|
||
|
- name: Enable the non-default port(s)
|
||
|
ansible.builtin.include_role:
|
||
|
name: fedora.linux_system_roles.firewall
|
||
|
vars:
|
||
|
firewall:
|
||
|
- port: "{{ sshd_item }}/tcp"
|
||
|
state: enabled
|
||
|
loop: "{{ __sshd_ports_from_config | from_json | d([]) }}"
|
||
|
loop_control:
|
||
|
loop_var: sshd_item # avoid conflicts with the firewall loops
|
||
|
when:
|
||
|
- __sshd_ports_from_config | from_json != [22]
|