adding ssh role

roles/ssh/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+- name: restart ssh
+  service:
+    name: ssh
+    state: restarted

roles/ssh/tasks/main.yml

@@ -0,0 +1,19 @@
+---
+- name: Configure SSH access
+  tags: [ssh, server]
+  become: true
+  block:
+    - name: Remove any PermitRootLogin instruction
+      lineinfile:
+        dest: /etc/ssh/sshd_config
+        regexp: "^PermitRootLogin"
+        state: absent
+      notify: restart ssh
+
+    - name: Disable SSH root login
+      lineinfile:
+        dest: /etc/ssh/sshd_config
+        regexp: "^PermitRootLogin"
+        line: "PermitRootLogin prohibit-password"
+        state: present
+      notify: restart ssh