From 6b71851b06227fedbb8990facdd5020a5082c3a9 Mon Sep 17 00:00:00 2001
From: Ludovic Cartier <ludovic.cartier@alterway.fr>
Date: Fri, 20 Feb 2026 17:00:16 +0100
Subject: [PATCH] ssh - reload only if config changed

---
 tasks/ssh.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/tasks/ssh.yml b/tasks/ssh.yml
index 61b99f2..93ea009 100644
--- a/tasks/ssh.yml
+++ b/tasks/ssh.yml
@@ -5,6 +5,7 @@
     mode: '0644'
     validate: /usr/sbin/sshd -t -f %s
   when: ssh_root_authorized_ips is defined
+  register: sshd_conf_changes
 
 - name: SSH | configure root authorized keys
   template:
@@ -19,9 +20,13 @@
   command: /usr/sbin/sshd -t
   register: sshd_config_check
   changed_when: false
+  when: sshd_conf_changes.changed
 
 - name: SSH | reload SSH service
   service:
     name: ssh
     state: reloaded
-  when: sshd_config_check.rc == 0
+  when: 
+    - sshd_conf_changes.changed
+    - sshd_config_check.rc == 0
+