biiiiig update !

tasks/ssh.yml

@@ -0,0 +1,27 @@
+- name: SSH | configure root login restrictions
+  template:
+    src: sshd_root_conf.j2
+    dest: /etc/ssh/sshd_config.d/root.conf
+    mode: '0644'
+    validate: /usr/sbin/sshd -t -f %s
+  when: ssh_root_authorized_ips is defined
+
+- name: SSH | configure root authorized keys
+  template:
+    src: root_authorized_keys.j2
+    dest: "{{ ssh_root_authorized_keys_file | default('/root/.ssh/authorized_keys') }}"
+    owner: root
+    group: root
+    mode: '0600'
+  when: ssh_root_authorized_keys is defined
+
+- name: SSH | test SSH configuration
+  command: /usr/sbin/sshd -t
+  register: sshd_config_check
+  changed_when: false
+
+- name: SSH | reload SSH service
+  service:
+    name: ssh
+    state: reloaded
+  when: sshd_config_check.rc == 0