Always restart sshd after playbook has been run

johanmeiring · Sep 11, 2020 · 077a3f9 · 077a3f9
1 parent 0ac399f
commit 077a3f9
Showing 1 changed file with 13 additions and 6 deletions.
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -41,7 +41,7 @@
 - name: SFTP-Server | Add sshd_config block
   blockinfile:
     dest: /etc/ssh/sshd_config
-    marker: '# {mark} SFTP-Server {{ sftp_group_name }} block'
+    marker: "# {mark} SFTP-Server {{ sftp_group_name }} block"
     block: |
       Match Group {{ sftp_group_name }}
           ChrootDirectory %h
@@ -75,11 +75,11 @@
 # A working chrooted SFTP setup requires root:sftgroup ownership of a user's home directory.
 - name: SFTP-Server | Root SFTP permissions
   file:
-   path: "{{ sftp_home_partition }}"
-   state: directory
-   mode: 0750
-   group: "{{ sftp_group_name }}"
-   owner: root
+    path: "{{ sftp_home_partition }}"
+    state: directory
+    mode: 0750
+    group: "{{ sftp_group_name }}"
+    owner: root
 
 - name: SFTP-Server | Correct ownership and permission of home directories
   file:
@@ -162,3 +162,10 @@
       auth,authpriv.*  /var/log/sftp/auth.log
   when: sftp_enable_logging
   notify: SFTP-Server | Restart rsyslog
+
+# Restart sshd to ensure all configuration has been applied. This should always be the last task.
+- name: SFTP-Server | Restart sshd
+  service:
+    name: "{{ 'ssh' if ansible_os_family == 'Debian' else 'sshd' }}"
+    state: restarted
+  ignore_errors: Yes