Signed-off-by: Peter Mikus <pmikus@cisco.com>
Change-Id: I43c86ab3232a382e7cc9010fb04a0ca269b24e77
18 files changed:
tags: nomad
- role: consul
tags: consul
tags: nomad
- role: consul
tags: consul
- - role: prometheus_exporter
- tags: prometheus_exporter
- - role: jenkins_job_health_exporter
- tags: jenkins_job_health_exporter
- - role: cleanup
- tags: cleanup
+# - role: prometheus_exporter
+# tags: prometheus_exporter
+# - role: jenkins_job_health_exporter
+# tags: jenkins_job_health_exporter
+# - role: cleanup
+# tags: cleanup
- cimc-handlers
- name: Reboot server
- cimc-handlers
- name: Reboot server
+ ansible.builtin.reboot:
reboot_timeout: 3600
tags:
- reboot-server
- name: Wait for server to restart
reboot_timeout: 3600
tags:
- reboot-server
- name: Wait for server to restart
+ ansible.builtin.wait_for:
host: "{{ inventory_hostname }}"
search_regex: OpenSSH
port: 22
host: "{{ inventory_hostname }}"
search_regex: OpenSSH
port: 22
32-bit: "386"
64-bit: "amd64"
consul_architecture: "{{ consul_architecture_map[ansible_architecture] }}"
32-bit: "386"
64-bit: "amd64"
consul_architecture: "{{ consul_architecture_map[ansible_architecture] }}"
+consul_version: "1.12.2"
consul_pkg: "consul_{{ consul_version }}_linux_{{ consul_architecture }}.zip"
consul_zip_url: "https://releases.hashicorp.com/consul/{{ consul_version }}/{{ consul_pkg }}"
consul_force_update: false
consul_pkg: "consul_{{ consul_version }}_linux_{{ consul_architecture }}.zip"
consul_zip_url: "https://releases.hashicorp.com/consul/{{ consul_version }}/{{ consul_pkg }}"
consul_force_update: false
# file roles/consul/handlers/main.yaml
- name: Restart Nomad
# file roles/consul/handlers/main.yaml
- name: Restart Nomad
+ ansible.builtin.systemd:
daemon_reload: true
enabled: true
name: "nomad"
state: "{{ nomad_restart_handler_state }}"
- name: Restart Consul
daemon_reload: true
enabled: true
name: "nomad"
state: "{{ nomad_restart_handler_state }}"
- name: Restart Consul
+ ansible.builtin.systemd:
daemon_reload: true
enabled: true
name: "consul"
daemon_reload: true
enabled: true
name: "consul"
---
# file: roles/consul/meta/main.yaml
---
# file: roles/consul/meta/main.yaml
-# desc: Install consul from stable branch and configure service.
-# inst: Consul
-# conf: ?
-# info: 1.0 - added role
-
dependencies: []
galaxy_info:
role_name: consul
dependencies: []
galaxy_info:
role_name: consul
- name: Ubuntu
versions:
- focal
- name: Ubuntu
versions:
- focal
---
# file: roles/consul/tasks/main.yaml
---
# file: roles/consul/tasks/main.yaml
-- name: Install Dependencies
+- name: Inst - Update Repositories Cache
+ apt:
+ update_cache: true
+ when:
+ - ansible_os_family == 'Debian'
+ tags:
+ - consul-inst-package
+
+- name: Inst - Dependencies
apt:
name: "{{ packages | flatten(levels=1) }}"
state: "present"
cache_valid_time: 3600
install_recommends: false
when:
apt:
name: "{{ packages | flatten(levels=1) }}"
state: "present"
cache_valid_time: 3600
install_recommends: false
when:
- - ansible_distribution|lower == 'ubuntu'
+ - ansible_os_family == 'Debian'
tags:
- consul-inst-dependencies
tags:
- consul-inst-dependencies
name: "systemd-resolved"
state: "{{ systemd_resolved_state }}"
when:
name: "systemd-resolved"
state: "{{ systemd_resolved_state }}"
when:
- - nomad_service_mgr == "systemd"
+ - consul_service_mgr == "systemd"
- "Restart Consul"
- "Restart Nomad"
when:
- "Restart Consul"
- "Restart Nomad"
when:
- - nomad_service_mgr == "systemd"
+ - consul_service_mgr == "systemd"
+- name: Meta - Flush handlers
+ meta: flush_handlers
docker_service_state: started
docker_service_enabled: true
docker_restart_handler_state: restarted
docker_service_state: started
docker_service_enabled: true
docker_restart_handler_state: restarted
# Used only for Debian/Ubuntu.
docker_apt_release_channel: "stable"
# Used only for Debian/Ubuntu.
docker_apt_release_channel: "stable"
-docker_apt_repository: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
+docker_apt_repository: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
docker_apt_repository_state: present
docker_apt_ignore_key_error: true
docker_apt_gpg_key: "https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg"
docker_apt_repository_state: present
docker_apt_ignore_key_error: true
docker_apt_gpg_key: "https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg"
docker_yum_repo_enable_test: "0"
docker_yum_gpg_key: https://download.docker.com/linux/centos/gpg
docker_yum_repo_enable_test: "0"
docker_yum_gpg_key: https://download.docker.com/linux/centos/gpg
-# A list of users who will be added to the docker group.
-docker_users:
- - "{{ ansible_user }}"
-
# Proxy settings.
docker_daemon_environment_http:
- "HTTP_PROXY={{ proxy_env.http_proxy }}"
# Proxy settings.
docker_daemon_environment_http:
- "HTTP_PROXY={{ proxy_env.http_proxy }}"
# file roles/docker/handlers/main.yaml
- name: Restart Docker
# file roles/docker/handlers/main.yaml
- name: Restart Docker
+ ansible.builtin.service:
name: "docker"
state: "{{ docker_restart_handler_state }}"
tags:
name: "docker"
state: "{{ docker_restart_handler_state }}"
tags:
-# file: roles/docker/meta/main.yaml
+
+galaxy_info:
+ role_name: docker
+ author: fd.io
+ description: Docker-CE for Linux.
+ company: none
+ license: "license (Apache)"
+ min_ansible_version: 2.9
+ platforms:
+ - name: Ubuntu
+ versions:
+ - focal
+ - jammy
+ galaxy_tags:
+ - docker
# file: roles/docker/tasks/ubuntu_focal.yaml
- name: Inst - Dependencies
# file: roles/docker/tasks/ubuntu_focal.yaml
- name: Inst - Dependencies
name:
- "apt-transport-https"
- "ca-certificates"
name:
- "apt-transport-https"
- "ca-certificates"
- docker-inst-dependencies
- name: Conf - Add APT Key
- docker-inst-dependencies
- name: Conf - Add APT Key
+ ansible.builtin.apt_key:
url: "{{ docker_apt_gpg_key }}"
state: "{{ docker_apt_gpg_key_state }}"
tags:
- docker-conf-apt
- name: Conf - Install APT Repository
url: "{{ docker_apt_gpg_key }}"
state: "{{ docker_apt_gpg_key_state }}"
tags:
- docker-conf-apt
- name: Conf - Install APT Repository
+ ansible.builtin.apt_repository:
repo: "{{ docker_apt_repository }}"
state: "{{ docker_apt_repository_state }}"
update_cache: true
repo: "{{ docker_apt_repository }}"
state: "{{ docker_apt_repository_state }}"
update_cache: true
# file: roles/docker/tasks/ubuntu_jammy.yaml
- name: Inst - Dependencies
# file: roles/docker/tasks/ubuntu_jammy.yaml
- name: Inst - Dependencies
name:
- "apt-transport-https"
- "ca-certificates"
name:
- "apt-transport-https"
- "ca-certificates"
- docker-inst-dependencies
- name: Conf - Add APT Key
- docker-inst-dependencies
- name: Conf - Add APT Key
+ ansible.builtin.apt_key:
url: "{{ docker_apt_gpg_key }}"
state: "{{ docker_apt_gpg_key_state }}"
tags:
- docker-conf-apt
- name: Conf - Install APT Repository
url: "{{ docker_apt_gpg_key }}"
state: "{{ docker_apt_gpg_key_state }}"
tags:
- docker-conf-apt
- name: Conf - Install APT Repository
+ ansible.builtin.apt_repository:
repo: "{{ docker_apt_repository }}"
state: "{{ docker_apt_repository_state }}"
update_cache: true
repo: "{{ docker_apt_repository }}"
state: "{{ docker_apt_repository_state }}"
update_cache: true
---
# file: roles/docker/tasks/main.yaml
---
# file: roles/docker/tasks/main.yaml
-- include_tasks: "{{ ansible_distribution|lower }}_{{ ansible_distribution_release }}.yaml"
+- include_tasks: "{{ ansible_distribution_release }}.yaml"
tags:
- docker-inst-dependencies
- name: Inst - Docker
tags:
- docker-inst-dependencies
- name: Inst - Docker
+ ansible.builtin.package:
name:
- "{{ docker_package }}"
- "{{ docker_package }}-cli"
name:
- "{{ docker_package }}"
- "{{ docker_package }}-cli"
- docker-inst-package
- name: Conf - Docker Service
- docker-inst-package
- name: Conf - Docker Service
+ ansible.builtin.service:
name: docker
state: "{{ docker_service_state }}"
enabled: "{{ docker_service_enabled }}"
name: docker
state: "{{ docker_service_state }}"
enabled: "{{ docker_service_enabled }}"
+ when:
+ - docker_service_mgr == "systemd"
tags:
- docker-conf-service
- name: Conf - Docker Service Directory
tags:
- docker-conf-service
- name: Conf - Docker Service Directory
path: "/etc/systemd/system/docker.service.d"
state: "directory"
path: "/etc/systemd/system/docker.service.d"
state: "directory"
+ mode: "0755"
+ when:
+ - docker_service_mgr == "systemd"
tags:
- docker-conf-service
- name: Conf - Docker Daemon
tags:
- docker-conf-service
- name: Conf - Docker Daemon
+ ansible.builtin.template:
src: "templates/daemon.json.j2"
dest: "/etc/docker/daemon.json"
owner: "root"
src: "templates/daemon.json.j2"
dest: "/etc/docker/daemon.json"
owner: "root"
notify:
- "Restart Docker"
when: >
notify:
- "Restart Docker"
when: >
- docker_daemon is defined
+ docker_daemon is defined and
+ docker_service_mgr == "systemd"
tags:
- docker-conf-daemon
- name: Conf - Docker HTTP Proxy
tags:
- docker-conf-daemon
- name: Conf - Docker HTTP Proxy
+ ansible.builtin.template:
src: "templates/docker.service.proxy.http"
dest: "/etc/systemd/system/docker.service.d/http-proxy.conf"
owner: "root"
src: "templates/docker.service.proxy.http"
dest: "/etc/systemd/system/docker.service.d/http-proxy.conf"
owner: "root"
- "Restart Docker"
when: >
proxy_env is defined and
- "Restart Docker"
when: >
proxy_env is defined and
- proxy_env.http_proxy is defined
+ proxy_env.http_proxy is defined and
+ docker_service_mgr == "systemd"
tags:
- docker-conf-service
- name: Conf - Docker HTTPS Proxy
tags:
- docker-conf-service
- name: Conf - Docker HTTPS Proxy
+ ansible.builtin.template:
src: "templates/docker.service.proxy.https"
dest: "/etc/systemd/system/docker.service.d/https-proxy.conf"
owner: "root"
src: "templates/docker.service.proxy.https"
dest: "/etc/systemd/system/docker.service.d/https-proxy.conf"
owner: "root"
- "Restart Docker"
when: >
proxy_env is defined and
- "Restart Docker"
when: >
proxy_env is defined and
- proxy_env.https_proxy is defined
+ proxy_env.https_proxy is defined and
+ docker_service_mgr == "systemd"
tags:
- docker-conf-service
tags:
- docker-conf-service
-- name: Conf - Users to Docker Group
- user:
- name: "{{ ansible_user }}"
- groups: "docker"
- append: true
- tags:
- - docker-conf-user
-
-- meta: flush_handlers
+- name: Meta - Flush handlers
+ ansible.builtin.meta: flush_handlers
-nomad_version: "{{ lookup('env','NOMAD_VERSION') | default('1.0.4', true) }}"
+nomad_version: "{{ lookup('env','NOMAD_VERSION') | default('1.3.1', true) }}"
nomad_architecture_map:
amd64: "amd64"
x86_64: "amd64"
nomad_architecture_map:
amd64: "amd64"
x86_64: "amd64"
nomad_syslog_enable: true
nomad_iface: "{{ lookup('env','NOMAD_IFACE') | default(ansible_default_ipv4.interface, true) }}"
nomad_node_name: "{{ inventory_hostname }}"
nomad_syslog_enable: true
nomad_iface: "{{ lookup('env','NOMAD_IFACE') | default(ansible_default_ipv4.interface, true) }}"
nomad_node_name: "{{ inventory_hostname }}"
-nomad_node_role: "{{ lookup('env','NOMAD_NODE_ROLE') | default('client', true) }}"
+nomad_node_role: "{{ lookup('env','NOMAD_NODE_ROLE') | default('server', true) }}"
nomad_leave_on_terminate: true
nomad_leave_on_interrupt: false
nomad_disable_update_check: true
nomad_leave_on_terminate: true
nomad_leave_on_interrupt: false
nomad_disable_update_check: true
# TLS
nomad_tls_enable: true
# TLS
nomad_tls_enable: true
-nomad_ca_file: "{{ nomad_ssl_dir }}/ca.pem"
+nomad_ca_file: "{{ nomad_ssl_dir }}/nomad-ca.pem"
nomad_cert_file: "{{ nomad_ssl_dir }}/nomad.pem"
nomad_key_file: "{{ nomad_ssl_dir }}/nomad-key.pem"
nomad_cert_file: "{{ nomad_ssl_dir }}/nomad.pem"
nomad_key_file: "{{ nomad_ssl_dir }}/nomad-key.pem"
+nomad_cli_cert_file: "{{ nomad_ssl_dir }}/nomad-cli.pem"
+nomad_cli_key_file: "{{ nomad_ssl_dir }}/nomad-cli-key.pem"
nomad_http: false
nomad_rpc: false
nomad_rpc_upgrade_mode: false
nomad_http: false
nomad_rpc: false
nomad_rpc_upgrade_mode: false
# file roles/nomad/handlers/main.yaml
- name: Restart Nomad
# file roles/nomad/handlers/main.yaml
- name: Restart Nomad
+ ansible.builtin.systemd:
daemon_reload: true
enabled: true
name: "nomad"
daemon_reload: true
enabled: true
name: "nomad"
---
# file: roles/nomad/meta/main.yaml
---
# file: roles/nomad/meta/main.yaml
-# desc: Install nomad from repo and configure service.
-# inst: Nomad
-# conf: ?
-# info: 1.0 - added role
-
dependencies: [docker]
galaxy_info:
dependencies: [docker]
galaxy_info:
- name: Ubuntu
versions:
- focal
- name: Ubuntu
versions:
- focal
-# file: roles/nomad/tasks/main.yaml
-- name: Install Dependencies
- apt:
+- name: Inst - Update Repositories Cache
+ ansible.builtin.apt:
+ update_cache: true
+ when:
+ - ansible_os_family == 'Debian'
+ tags:
+ - nomad-inst-package
+
+- name: Inst - Dependencies
+ ansible.builtin.apt:
name: "{{ packages | flatten(levels=1) }}"
state: "present"
cache_valid_time: 3600
install_recommends: false
when:
name: "{{ packages | flatten(levels=1) }}"
state: "present"
cache_valid_time: 3600
install_recommends: false
when:
- - ansible_distribution|lower == 'ubuntu'
+ - ansible_os_family == 'Debian'
tags:
- nomad-inst-dependencies
- name: Conf - Add Nomad Group
tags:
- nomad-inst-dependencies
- name: Conf - Add Nomad Group
name: "{{ nomad_group }}"
state: "{{ nomad_user_state }}"
tags:
- nomad-conf-user
- name: Conf - Add Nomad user
name: "{{ nomad_group }}"
state: "{{ nomad_user_state }}"
tags:
- nomad-conf-user
- name: Conf - Add Nomad user
name: "{{ nomad_user }}"
group: "{{ nomad_group }}"
state: "{{ nomad_group_state }}"
name: "{{ nomad_user }}"
group: "{{ nomad_group }}"
state: "{{ nomad_group_state }}"
- nomad-conf-user
- name: Inst - Download Nomad
- nomad-conf-user
- name: Inst - Download Nomad
+ ansible.builtin.get_url:
url: "{{ nomad_zip_url }}"
dest: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
tags:
- nomad-inst-package
- name: Inst - Clean Nomad
url: "{{ nomad_zip_url }}"
dest: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
tags:
- nomad-inst-package
- name: Inst - Clean Nomad
path: "{{ nomad_inst_dir }}/nomad"
state: "absent"
when:
path: "{{ nomad_inst_dir }}/nomad"
state: "absent"
when:
- nomad-inst-package
- name: Inst - Unarchive Nomad
- nomad-inst-package
- name: Inst - Unarchive Nomad
+ ansible.builtin.unarchive:
src: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
dest: "{{ nomad_inst_dir }}/"
remote_src: true
src: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
dest: "{{ nomad_inst_dir }}/"
remote_src: true
- nomad-inst-package
- name: Inst - Nomad
- nomad-inst-package
- name: Inst - Nomad
src: "{{ nomad_inst_dir }}/nomad"
dest: "{{ nomad_bin_dir }}"
owner: "{{ nomad_user }}"
src: "{{ nomad_inst_dir }}/nomad"
dest: "{{ nomad_bin_dir }}"
owner: "{{ nomad_user }}"
- nomad-inst-package
- name: Conf - Create Directories "{{ nomad_data_dir }}"
- nomad-inst-package
- name: Conf - Create Directories "{{ nomad_data_dir }}"
dest: "{{ nomad_data_dir }}"
state: directory
owner: "{{ nomad_user }}"
group: "{{ nomad_group }}"
dest: "{{ nomad_data_dir }}"
state: directory
owner: "{{ nomad_user }}"
group: "{{ nomad_group }}"
tags:
- nomad-conf
- name: Conf - Create Directories "{{ nomad_ssl_dir }}"
tags:
- nomad-conf
- name: Conf - Create Directories "{{ nomad_ssl_dir }}"
dest: "{{ nomad_ssl_dir }}"
state: directory
owner: "{{ nomad_user }}"
group: "{{ nomad_group }}"
dest: "{{ nomad_ssl_dir }}"
state: directory
owner: "{{ nomad_user }}"
group: "{{ nomad_group }}"
tags:
- nomad-conf
- name: Conf - Create Config Directory
tags:
- nomad-conf
- name: Conf - Create Config Directory
dest: "{{ nomad_config_dir }}"
state: directory
owner: "{{ nomad_user }}"
dest: "{{ nomad_config_dir }}"
state: directory
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - Base Configuration
- nomad-conf
- name: Conf - Base Configuration
+ ansible.builtin.template:
src: base.hcl.j2
dest: "{{ nomad_config_dir }}/base.hcl"
owner: "{{ nomad_user }}"
src: base.hcl.j2
dest: "{{ nomad_config_dir }}/base.hcl"
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - Server Configuration
- nomad-conf
- name: Conf - Server Configuration
+ ansible.builtin.template:
src: server.hcl.j2
dest: "{{ nomad_config_dir }}/server.hcl"
owner: "{{ nomad_user }}"
src: server.hcl.j2
dest: "{{ nomad_config_dir }}/server.hcl"
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - Client Configuration
- nomad-conf
- name: Conf - Client Configuration
+ ansible.builtin.template:
src: client.hcl.j2
dest: "{{ nomad_config_dir }}/client.hcl"
owner: "{{ nomad_user }}"
src: client.hcl.j2
dest: "{{ nomad_config_dir }}/client.hcl"
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - TLS Configuration
- nomad-conf
- name: Conf - TLS Configuration
+ ansible.builtin.template:
src: tls.hcl.j2
dest: "{{ nomad_config_dir }}/tls.hcl"
owner: "{{ nomad_user }}"
src: tls.hcl.j2
dest: "{{ nomad_config_dir }}/tls.hcl"
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - Telemetry Configuration
- nomad-conf
- name: Conf - Telemetry Configuration
+ ansible.builtin.template:
src: telemetry.hcl.j2
dest: "{{ nomad_config_dir }}/telemetry.hcl"
owner: "{{ nomad_user }}"
src: telemetry.hcl.j2
dest: "{{ nomad_config_dir }}/telemetry.hcl"
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - Consul Configuration
- nomad-conf
- name: Conf - Consul Configuration
+ ansible.builtin.template:
src: consul.hcl.j2
dest: "{{ nomad_config_dir }}/consul.hcl"
owner: "{{ nomad_user }}"
src: consul.hcl.j2
dest: "{{ nomad_config_dir }}/consul.hcl"
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - Copy Certificates And Keys
- nomad-conf
- name: Conf - Copy Certificates And Keys
content: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ nomad_user }}"
content: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ nomad_user }}"
no_log: true
loop: "{{ nomad_certificates | flatten(levels=1) }}"
when:
no_log: true
loop: "{{ nomad_certificates | flatten(levels=1) }}"
when:
+ - nomad_certificates is defined
+ tags:
+ - nomad-conf
+
+- name: Conf - Nomad CLI Environment Variables
+ ansible.builtin.lineinfile:
+ path: "/etc/profile.d/nomad.sh"
+ line: "{{ item }}"
+ create: true
+ loop:
+ - "export NOMAD_ADDR=https://nomad.service.consul:4646"
+ - "export NOMAD_CACERT={{ nomad_ca_file }}"
+ - "export NOMAD_CLIENT_CERT={{ nomad_cli_cert_file }}"
+ - "export NOMAD_CLIENT_KEY={{ nomad_cli_key_file }}"
tags:
- nomad-conf
- name: Conf - System.d Script
tags:
- nomad-conf
- name: Conf - System.d Script
+ ansible.builtin.template:
src: "nomad_systemd.service.j2"
dest: "/lib/systemd/system/nomad.service"
owner: "root"
src: "nomad_systemd.service.j2"
dest: "/lib/systemd/system/nomad.service"
owner: "root"
+- name: Meta - Flush handlers
+ ansible.builtin.meta: flush_handlers
# file: roles/user_add/handlers/main.yaml
- name: Restart SSHd
# file: roles/user_add/handlers/main.yaml
- name: Restart SSHd
+ ansible.builtin.service:
name: sshd
state: restarted
name: sshd
state: restarted
# file: roles/user_add/tasks/main.yaml
- name: Conf - Add User
# file: roles/user_add/tasks/main.yaml
- name: Conf - Add User
append: "{{ item.append | default(omit) }}"
createhome: "{{ 'yes' if users_create_homedirs else 'no' }}"
generate_ssh_key: "{{ item.generate_ssh_key | default(omit) }}"
append: "{{ item.append | default(omit) }}"
createhome: "{{ 'yes' if users_create_homedirs else 'no' }}"
generate_ssh_key: "{{ item.generate_ssh_key | default(omit) }}"
- user-add-conf
- name: Conf - SSH keys
- user-add-conf
- name: Conf - SSH keys
+ ansible.builtin.authorized_key:
user: "{{ item.0.username }}"
key: "{{ item.1 }}"
with_subelements:
user: "{{ item.0.username }}"
key: "{{ item.1 }}"
with_subelements:
- user-add-conf
- name: Conf - Disable Password Login
- user-add-conf
- name: Conf - Disable Password Login
+ ansible.builtin.lineinfile:
dest: "/etc/ssh/sshd_config"
regexp: "^PasswordAuthentication yes"
line: "PasswordAuthentication no"
dest: "/etc/ssh/sshd_config"
regexp: "^PasswordAuthentication yes"
line: "PasswordAuthentication no"