Add role for deploying SSH config and also add mailserver-endpoint host

playbooks/roles/deploy_ssh_server_config/tasks/main.yaml

@@ -0,0 +1,23 @@
+# Role and config created after: https://infosec.mozilla.org/guidelines/openssh
+- name: deploy SSH server config
+  become: true
+
+  block:
+  - name: deploy `sshd_config`
+    ansible.builtin.copy:
+      force: true
+      dest: /etc/ssh/sshd_config
+      mode: 0644
+      owner: root
+      group: root
+      src: sshd_config
+    register: deploy_ssh_server_config__ssh_config_copy_result
+
+  - name: deactivate short moduli
+    ansible.builtin.shell:
+      cmd: awk '$5 >= 3071' /etc/ssh/moduli > /etc/ssh/moduli.tmp && mv /etc/ssh/moduli.tmp /etc/ssh/moduli
+
+  # Rebooting here instead of restarting the ssh service, since I don't know how Ansible reacts, when it restarts the service it probably needs for the connection.
+  - name: reboot, if ssh server config got changed
+    ansible.builtin.reboot:
+    when: deploy_ssh_server_config__ssh_config_copy_result.changed