From 33567e61902c9a89b08cc57fb73e29dad62cceff Mon Sep 17 00:00:00 2001
From: polyfloyd <floyd@polyfloyd.net>
Date: Mon, 24 Jun 2024 20:25:00 +0200
Subject: [PATCH] Sync from polyfloyd infra

---
 roles/common/tasks/main.yaml | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/roles/common/tasks/main.yaml b/roles/common/tasks/main.yaml
index 6e437c8..64f80c3 100644
--- a/roles/common/tasks/main.yaml
+++ b/roles/common/tasks/main.yaml
@@ -76,18 +76,18 @@
     insertafter: '^PATH'
     line: 'MAILTO={{ notify_email }}'
 
-- name: Turn off SSH password auth
+- name: Configure SSH
   lineinfile:
     path: /etc/ssh/sshd_config
-    regexp: '^#?PasswordAuthentication'
-    line: 'PasswordAuthentication no'
-  notify: reload sshd
-
-- name: Configure SSH port
-  lineinfile:
-    path: /etc/ssh/sshd_config
-    regexp: '^#?Port'
-    line: 'Port {{ ssh_port }}'
+    regexp: "{{ item.regexp }}"
+    line: "{{ item.line }}"
+  with_items:
+    - regexp: '^#?Port'
+      line: 'Port {{ ssh_port }}'
+    - regexp: '^#?PasswordAuthentication'
+      line: 'PasswordAuthentication no'
+    - regexp: '^#?DebianBanner'
+      line: 'DebianBanner no'
   notify: reload sshd
 
 - name: Allow SSH