Fix rights for sshd_config

tasks/main.yml

@@ -1,12 +1,15 @@
 ---
 
-- name: sshd | Setup sshd_config
+- name: unbound | Load system-specific vars
+  include_vars: "{{ ansible_system | lower }}.yml"
+
+- name: sshd | Deploy sshd_config
   template:
-    src: "{{ sshd_config_template }}"
+    src:   "{{ sshd_config_template }}"
-    dest: /etc/ssh/sshd_config
+    dest:  /etc/ssh/sshd_config
-    mode: 0640
+    mode:  "{{ sshd_config_props.mode }}"
-    owner: root
+    owner: "{{ sshd_config_props.owner }}"
-    group: root
+    group: "{{ sshd_config_props.group }}"
     validate: sshd -t -f %s
   notify: sshd | Apply config
 

vars/linux.yml

@@ -0,0 +1,6 @@
+---
+
+sshd_config_props:
+  mode: 0640
+  owner: root
+  group: root

vars/openbsd.yml

@@ -0,0 +1,7 @@
+---
+
+sshd_config_props:
+  mode: 0644
+  owner: root
+  group: wheel
+