@Lewiscowles1986
Created August 4, 2017 04:04
ansible-permit-root-login
---
- hosts: all
  # Fact gathering needs Python on the target, so it runs after the raw bootstrap below.
  gather_facts: false
  vars: {}
  pre_tasks:
    - name: install python
      raw: bash -c "test -e /usr/bin/python || (apt -qqy update && apt install -qqy python python-pip python3 python3-pip)"
      register: output
      changed_when: output.stdout != ""
    - name: gather facts now that python is available
      setup:
  tasks:
    - name: Set authorized key for root user copying it from current user
      authorized_key:
        user: root
        state: present
        key: "{{ lookup('file', '/media/clients/clientname/2017_4096_rsa.pub') }}"
    - name: Enabling ssh-key only root access
      lineinfile:
        dest: /etc/ssh/sshd_config
        regexp: '^PermitRootLogin'
        # OpenSSH 7.0+ names this value prohibit-password; without-password remains an alias.
        line: 'PermitRootLogin without-password'
      notify:
        - restart_sshd
        - restart_ssh
  handlers:
    # ansible_os_family is used so that CentOS/Fedora and Ubuntu hosts also restart the
    # daemon; ansible_distribution would only match RHEL and Debian themselves.
    - name: restart_sshd
      service:
        name: sshd
        state: restarted
        enabled: true
      when: ansible_os_family == 'RedHat'
    - name: restart_ssh
      service:
        name: ssh
        state: restarted
        enabled: true
      when: ansible_os_family == 'Debian'
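
The `lineinfile` task above replaces only the last line matching `^PermitRootLogin` (or appends at end of file when nothing matches), while sshd uses the first value it reads outside a `Match` block. The following is an added example, not part of the original gist: a simplified Python model with hypothetical function names and constructed sample configs that shows when the edit does not change the effective global setting.

```python
import re

# Constructed sshd_config samples (not taken from any real host).
DUPLICATE = "PermitRootLogin yes\nPasswordAuthentication yes\nPermitRootLogin no\n"
COMMENTED_THEN_MATCH = (
    "#PermitRootLogin yes\n"
    "Match User deploy\n"
    "    AllowTcpForwarding no\n"
)
CLEAN = "Port 22\nPermitRootLogin yes\n"


def lineinfile(text, regexp=r"^PermitRootLogin",
               line="PermitRootLogin without-password"):
    """Model lineinfile state=present: replace the LAST match, else append at EOF."""
    lines = text.splitlines()
    hits = [i for i, cur in enumerate(lines) if re.search(regexp, cur)]
    if hits:
        lines[hits[-1]] = line
    else:
        lines.append(line)
    return "\n".join(lines) + "\n"


def effective_global(text, keyword="PermitRootLogin"):
    """Value sshd uses globally: the first occurrence outside any Match block.

    Returns None when the keyword is never set globally (compiled-in default).
    Simplifications: Include files are not followed, and everything after the
    first Match line is treated as conditional.
    """
    for raw in text.splitlines():
        stripped = raw.strip()
        if not stripped or stripped.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", stripped, maxsplit=1)
        if parts[0].lower() == "match":
            break
        if parts[0].lower() == keyword.lower() and len(parts) == 2:
            return parts[1].strip('"')
    return None


if __name__ == "__main__":
    for name, cfg in [("duplicate", DUPLICATE),
                      ("commented+match", COMMENTED_THEN_MATCH), ("clean", CLEAN)]:
        print(name, "->", effective_global(lineinfile(cfg)))
```

On a real host, `sshd -T` prints the configuration the daemon actually resolves and is the authoritative check after the play runs.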