core: Swap to ansible roles for config

Signed-off-by: Noah Knegt <git@noahknegt.com>

roles/base/templates/sshd_config.j2

@@ -0,0 +1,33 @@
+Banner /etc/issue.net
+PrintMOTD no
+
+Port {{ ssh_port | default(22) }}
+Protocol 2
+
+# Authentication:
+AllowUsers {{ ssh_users | default("noahk") }}
+ChallengeResponseAuthentication no
+HostbasedAuthentication no
+LoginGraceTime 120
+PasswordAuthentication {{ passwd_auth | default("no") }}
+PermitEmptyPasswords no
+PermitRootLogin no
+PubkeyAuthentication yes
+StrictModes yes
+UsePAM yes
+
+# Security
+HostKey /etc/ssh/ssh_host_dsa_key
+HostKey /etc/ssh/ssh_host_ecdsa_key
+HostKey /etc/ssh/ssh_host_ed25519_key
+HostKey /etc/ssh/ssh_host_rsa_key
+IgnoreRhosts yes
+
+# Misc. options
+AcceptEnv LANG LC_*
+TCPKeepAlive yes
+Subsystem sftp {{ sftp_path }}
+
+# Logging
+SyslogFacility AUTH
+LogLevel INFO