From 6c39ed1e1fe422791ede27275928216d40afc4d0 Mon Sep 17 00:00:00 2001
From: Hyperling <me@hyperling.com>
Date: Sat, 20 Feb 2021 10:03:04 -0600
Subject: [PATCH] PVE servers need root shell.

---
 tasks/general/software/services.yml | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/tasks/general/software/services.yml b/tasks/general/software/services.yml
index 3d76200..2560424 100644
--- a/tasks/general/software/services.yml
+++ b/tasks/general/software/services.yml
@@ -40,7 +40,6 @@
     create: no
     backup: yes
   loop:
-    - { "key": '^[\#]?PermitRootLogin',      "value": 'PermitRootLogin no'}
     - { "key": '^[\#]?AllowTcpForwarding',   "value": 'AllowTcpForwarding no'}
     - { "key": '^[\#]?ClientAliveCountMax',  "value": 'ClientAliveCountMax 2'}
     - { "key": '^[\#]?Compression',          "value": 'Compression no'}
@@ -52,6 +51,18 @@
     - { "key": '^[\#]?X11Forwarding',        "value": 'X11Forwarding no'}
     - { "key": '^[\#]?AllowAgentForwarding', "value": 'AllowAgentForwarding no'}
 
+- name: General | Software | Services | Configure SSHD
+  lineinfile:
+    path: "{{ sshd_config }}"
+    regexp: '{{ item.key }}'
+    line: '{{ item.value }} # MANAGED BY ANSIBLE'
+    state: present
+    create: no
+    backup: yes
+  loop:
+    - { "key": '^[\#]?PermitRootLogin', "value": 'PermitRootLogin no'}
+  when: {{ not(ansible_kernel | select ("pve")) }}
+
 - name: General | Software | Services | Enable SSHD
   service:
     name: "{{ sshd }}"