From 3f8cdcf29d369b6cd7118e8ffe590adbaaff12db Mon Sep 17 00:00:00 2001
From: Bombar Maxime <bombar@crans.org>
Date: Tue, 17 Dec 2019 15:52:44 +0100
Subject: [PATCH] [sshd] Enables automatic removal of stale sockets. Useful for
 GPG forwarding

---
 roles/ansible/tasks/main.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/roles/ansible/tasks/main.yml b/roles/ansible/tasks/main.yml
index 2fffc9bc..d0359af3 100644
--- a/roles/ansible/tasks/main.yml
+++ b/roles/ansible/tasks/main.yml
@@ -37,3 +37,16 @@
     src: update-motd.d/05-service.j2
     dest: /etc/update-motd.d/05-ansible
     mode: 0755
+
+- name: Enable automatic removal of stale sockets
+  lineinfile:
+    dest: /etc/ssh/sshd_config
+    regexp: ^StreamLocalBindUnlink
+    line: "StreamLocalBindUnlink yes # Enable automatic removal of stale sockets"
+    state: present
+
+- name: Restart sshd
+  systemd:
+    enabled: yes
+    state: restarted
+    name: sshd