From 789282c82bd0eb1c986da9633eb490f8f27a2db9 Mon Sep 17 00:00:00 2001
From: Mark Janssen -- Sig-I/O Automatisering <mark@sig-io.nl>
Date: Sun, 14 Jul 2024 20:02:12 +0200
Subject: [PATCH] Add validation on sshd-config changes

---
 roles/common/tasks/main.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/common/tasks/main.yaml b/roles/common/tasks/main.yaml
index b0b39cf..10ce3a1 100644
--- a/roles/common/tasks/main.yaml
+++ b/roles/common/tasks/main.yaml
@@ -108,6 +108,7 @@
     path: /etc/ssh/sshd_config
     regexp: "{{ item.regexp }}"
     line: "{{ item.line }}"
+    validate: "/usr/sbin/sshd -t -f %s"
   with_items:
     - regexp: '^#?Port'
       line: 'Port {{ ssh_port }}'