ansible-sshd/tasks/install_service.yml

---
- name: Install systemd service files
  when: sshd_install_service | bool and ansible_facts['service_mgr'] == 'systemd'
  block:
    - name: Install service unit file
      ansible.builtin.template:
        src: "{{ sshd_service_template_service }}"
        dest: "/etc/systemd/system/{{ sshd_service }}.service"
        owner: root
        group: root
        mode: "0644"
      notify: reload_sshd

    - name: Install instanced service unit file
      ansible.builtin.template:
        src: "{{ sshd_service_template_at_service }}"
        dest: "/etc/systemd/system/{{ sshd_service }}@.service"
        owner: root
        group: root
        mode: "0644"
      notify: reload_sshd
      when:
        - __sshd_socket_accept | bool

    - name: Install socket unit file
      ansible.builtin.template:
        src: "{{ sshd_service_template_socket }}"
        dest: "/etc/systemd/system/{{ sshd_service }}.socket"
        owner: root
        group: root
        mode: "0644"
      notify: reload_sshd

- name: Service enabled and running
  ansible.builtin.service:
    name: "{{ sshd_service }}"
    enabled: true
    state: started
  when:
    - sshd_manage_service|bool
    - ansible_facts['virtualization_type'] | default(None) not in __sshd_skip_virt_env
    - ansible_connection != 'chroot'

# Due to ansible bug 21026, cannot use service module on RHEL 7
- name: Enable service in chroot
  ansible.builtin.command: systemctl enable {{ sshd_service }}  # noqa command-instead-of-module
  when:
    - ansible_connection == 'chroot'
    - ansible_facts['os_family'] == 'RedHat'
    - ansible_facts['distribution_major_version'] | int >= 7
  changed_when: true