separated out an SSH hardening task as part of refactor

roles/init-server/tasks/harden.yml

@@ -0,0 +1,18 @@
+#SPDX-License-Identifier: MIT-0
+---
+# tasks file for roles/init-vps
+- name: Checking whether administrative login used
+  when: ansible_user not in (admins | map(attribute="username") | list)
+  ansible.builtin.fail:
+    msg: Must use administrative user for subsequent tasks
+- name: Hardening SSH service for the Linode VPS
+  ansible.builtin.copy:
+    src: sshd_config.d/harden.conf
+    dest: /etc/ssh/sshd_config.d/harden.conf
+    owner: root
+    group: root
+    mode: "644"
+    force: true
+    backup: true
+    validate: "sshd -t %s"
+  register: ssh_hardened