37 lines
1.2 KiB
YAML
37 lines
1.2 KiB
YAML
---
|
|
- name: Change SSH Port on Windows
|
|
hosts: windows
|
|
gather_facts: no
|
|
vars:
|
|
new_ssh_port: 22233
|
|
sshd_config_path: 'C:\ProgramData\ssh\sshd_config'
|
|
|
|
tasks:
|
|
# 1. Открываем порт в Windows Firewall (Defender)
|
|
# Делаем это первым делом, чтобы не потерять доступ после рестарта
|
|
- name: Allow new SSH port in Windows Firewall
|
|
community.windows.win_firewall_rule:
|
|
name: "OpenSSH-Server-Custom-Port"
|
|
localport: "{{ new_ssh_port }}"
|
|
action: allow
|
|
direction: in
|
|
protocol: tcp
|
|
profiles: domain,private,public
|
|
state: present
|
|
enabled: yes
|
|
|
|
# 2. Меняем порт в конфиге sshd_config
|
|
# Ищет строку "Port 22" или "#Port 22" и меняет на новый порт
|
|
- name: Update Port in sshd_config
|
|
ansible.windows.win_lineinfile:
|
|
path: "{{ sshd_config_path }}"
|
|
regexp: '^#?Port\s+\d+'
|
|
line: "Port {{ new_ssh_port }}"
|
|
state: present
|
|
notify: Restart Windows SSH
|
|
|
|
handlers:
|
|
- name: Restart Windows SSH
|
|
ansible.windows.win_service:
|
|
name: sshd
|
|
state: restarted |