Add a stanca to change sshd port

2021-01-02 20:26:24 +01:00 · 2021-01-02 20:26:24 +01:00 · fecde9e1df
parent 0559e19547
commit fecde9e1df
2 changed files with 10 additions and 1 deletions
--- a/roles/sshd/defaults/main.yml
+++ b/roles/sshd/defaults/main.yml
@ -1,3 +1,5 @@
 ---
 sshd_become: true
 sshd_become_user: root
+
+sshd_port: 22
--- a/roles/sshd/tasks/main.yml
+++ b/roles/sshd/tasks/main.yml
@ -13,6 +13,13 @@
      state: started
      name: sshd

+  - name: set the sshd port
+    lineinfile:
+      path: /etc/ssh/sshd_config
+      regexp: "^#?Port"
+      line: "Port {{ sshd_port }}"
+    notify: systemctl restart sshd
+
  - name: harden openssh-server
    lineinfile:
      path: /etc/ssh/sshd_config
@ -49,7 +56,7 @@
  # - name: check that openssh-server is listening
  #   wait_for:
  #     host: "{{ inventory_hostname }}"
-  #     port: 22
+  #     port: "{{ sshd_port }}"
  #     timeout: 5
  #     search_regex: OpenSSH
  #     delay: 2