From 517ad8113c152e81449e7a2b8ebe43bc072f1089 Mon Sep 17 00:00:00 2001
From: ogrechko <ogrechko@top-sysops.ru>
Date: Fri, 5 Dec 2025 08:34:18 +0000
Subject: [PATCH] =?UTF-8?q?=D0=94=D0=BE=D0=B1=D0=B0=D0=B2=D0=B8=D1=82?=
 =?UTF-8?q?=D1=8C=20test-playbooks/windows=5Fchange=5Fssh=5Fport.yml?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 test-playbooks/windows_change_ssh_port.yml | 37 ++++++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 test-playbooks/windows_change_ssh_port.yml

diff --git a/test-playbooks/windows_change_ssh_port.yml b/test-playbooks/windows_change_ssh_port.yml
new file mode 100644
index 0000000..eba20b3
--- /dev/null
+++ b/test-playbooks/windows_change_ssh_port.yml
@@ -0,0 +1,37 @@
+---
+- name: Change SSH Port on Windows
+  hosts: windows
+  gather_facts: no
+  vars:
+    new_ssh_port: 22233
+    sshd_config_path: 'C:\ProgramData\ssh\sshd_config'
+
+  tasks:
+    # 1. Открываем порт в Windows Firewall (Defender)
+    # Делаем это первым делом, чтобы не потерять доступ после рестарта
+    - name: Allow new SSH port in Windows Firewall
+      community.windows.win_firewall_rule:
+        name: "OpenSSH-Server-Custom-Port"
+        localport: "{{ new_ssh_port }}"
+        action: allow
+        direction: in
+        protocol: tcp
+        profiles: domain,private,public
+        state: present
+        enabled: yes
+
+    # 2. Меняем порт в конфиге sshd_config
+    # Ищет строку "Port 22" или "#Port 22" и меняет на новый порт
+    - name: Update Port in sshd_config
+      ansible.windows.win_lineinfile:
+        path: "{{ sshd_config_path }}"
+        regexp: '^#?Port\s+\d+'
+        line: "Port {{ new_ssh_port }}"
+        state: present
+      notify: Restart Windows SSH
+
+  handlers:
+    - name: Restart Windows SSH
+      ansible.windows.win_service:
+        name: sshd
+        state: restarted
\ No newline at end of file