WIP: feat(openssh): add ansible role

roles/openssh/tasks/configure-sshd.yml

@@ -0,0 +1,25 @@
+---
+- name: Configure sshd
+  ansible.builtin.lineinfile:
+    path: "{{ openssh_sshd_config_file }}"
+    regexp: "{{ openssh_sshd_config_regexp }}"
+    line: "{{ openssh_sshd_config_line }}"
+    state: present
+    validate: "sshd -Tf %s"
+  loop: "{{ openssh_sshd_merged_config | dict2items }}"
+  loop_control:
+    loop_var: "tuple"
+    label: "{{ tuple.key }}"
+  vars:
+    openssh_sshd_config_regexp: "^\\s*#?\\s*{{ tuple.key }}"
+    openssh_sshd_config_line: >-2
+      {{ openssh_sshd_config_line_commented }}{{ tuple.key }} {{ openssh_sshd_config_value }}
+    openssh_sshd_config_value_is_none: "{{ tuple.value is none }}"
+    openssh_sshd_config_line_commented: >-2
+      {{ openssh_sshd_config_value_is_none | ternary('#', '') }}
+    openssh_sshd_config_value: >-2
+      {{ (tuple.value is boolean) | ternary(
+           tuple.value | ternary('yes', 'no'),
+           tuple.value
+         )
+      }}

roles/openssh/tasks/install.yml

@@ -0,0 +1,2 @@
+---
+

roles/openssh/tasks/main.yml

@@ -0,0 +1,8 @@
+---
+- name: Ensure openssh is {{ openssh_state }}
+  ansible.builtin.include_tasks:
+    file: "install.yml"
+
+- name: Ensure sshd is configured
+  ansible.builtin.include_tasks:
+    file: "configure-sshd.yml"