Initial commit

tasks/main.yml

@@ -0,0 +1,58 @@
+---
+- block:
+    - name: Get stats of {{ _motd_sshd_config_file_path }}
+      stat:
+        path: "{{ _motd_sshd_config_file_path }}"
+      register: _motd_sshd_config_file_stat
+
+    - name: Ensure PrintMotd is set to "no" in {{ _motd_sshd_config_file_path }}
+      lineinfile:
+        path: "{{ _motd_sshd_config_file_path }}"
+        regexp: "^PrintMotd "
+        line: PrintMotd no
+      when: _motd_sshd_config_file_stat.stat.exists
+
+    - name: Comment out pam_motd in pam
+      replace:
+        path: "{{ item }}"
+        regexp: '^(session\s+optional\s+pam_motd.so\s+.*)'
+        replace: '# \1'
+      loop:
+        - "{{ _motd_pam_login_file_path }}"
+        - "{{ _motd_pam_sshd_file_path }}"
+  when: motd_disable_default_motd|bool
+
+- name: Apply template {{ motd_banner_template }} on {{ _motd_banner_file_path }}
+  template:
+    src: "{{ motd_banner_template }}"
+    dest: "{{ _motd_banner_file_path }}"
+    owner: root
+    group: root
+    mode: '0644'
+  when: motd_banner_template
+
+- name: Ensure line "Banner {{ _motd_banner_file_path }}" is {{ _motd_banner_state }} in {{ _motd_sshd_config_file_path }}
+  lineinfile:
+    path: "{{ _motd_sshd_config_file_path }}"
+    regexp: "^(#?)Banner "
+    line: Banner {{ _motd_banner_file_path }}
+    state: "{{ _motd_banner_state }}"
+  notify: Restart sshd
+
+- name: Apply template {{ motd_template }} on {{ _motd_file_path }}
+  template:
+    src: "{{ motd_template }}"
+    dest: "{{ _motd_file_path }}"
+    owner: root
+    group: root
+    mode: '0755'
+  tags:
+    - molecule-idempotence-notest
+
+- name: Add pam_exec {{ _motd_file_path }} in pam
+  lineinfile:
+    path: "{{ item }}"
+    line: session optional pam_exec.so type=open_session stdout {{ _motd_file_path }}
+  loop:
+    - "{{ _motd_pam_login_file_path }}"
+    - "{{ _motd_pam_sshd_file_path }}"