From e6ab9ac621b035abe9e4040394148bd278c2cb32 Mon Sep 17 00:00:00 2001
From: "ladislav.dusa" <ladislav.dusa@cancom.de>
Date: Wed, 16 Apr 2025 12:36:30 +0200
Subject: [PATCH] renamed customer user group

---
 roles/setup/tasks/main.yml       |  5 +++++
 roles/sshd_config/tasks/main.yml | 14 ++++++++++++++
 roles/sshd_config/vars/main.yml  |  1 +
 3 files changed, 20 insertions(+)
 create mode 100755 roles/setup/tasks/main.yml
 create mode 100755 roles/sshd_config/tasks/main.yml
 create mode 100755 roles/sshd_config/vars/main.yml

diff --git a/roles/setup/tasks/main.yml b/roles/setup/tasks/main.yml
new file mode 100755
index 0000000..21e6d44
--- /dev/null
+++ b/roles/setup/tasks/main.yml
@@ -0,0 +1,5 @@
+- name: Setup
+  become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}"
+  block:
+    - name: Gather facts
+      ansible.builtin.setup:
diff --git a/roles/sshd_config/tasks/main.yml b/roles/sshd_config/tasks/main.yml
new file mode 100755
index 0000000..df24b02
--- /dev/null
+++ b/roles/sshd_config/tasks/main.yml
@@ -0,0 +1,14 @@
+- name: SSHD config Setup
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
+  block:
+    - name: Reconfigure sshd
+      ansible.builtin.replace:
+        path: /etc/ssh/sshd_config
+        regexp: "^PermitRootLogin"
+        replace: "#PermitRootLogin"
+    - name: Restart ssh service
+      ansible.builtin.service:
+        name: ssh
+        state: restarted
+        daemon_reload: true
+        enabled: true
diff --git a/roles/sshd_config/vars/main.yml b/roles/sshd_config/vars/main.yml
new file mode 100755
index 0000000..a63bf71
--- /dev/null
+++ b/roles/sshd_config/vars/main.yml
@@ -0,0 +1 @@
+dest_folder: "/tmp/ans_repo"