geerlingguy / ansible-role-security

Ansible Role - Security

Home Page: https://galaxy.ansible.com/geerlingguy/security/

selinux ssh port change

rbn920 opened this issue

On systems running selinux (or at least on Fedora 33) the handler to restart sshd fails if the ssh port is changed from 22. The new port must be added to the port context. For example, if port 22222 is used:
semanage port -a -t ssh_port_t -p tcp 22222

It looks like setup does return some info about whether or not selinux is enabled (ansible_selinux). I'm not sure if this is beyond the scope of what you are wanting to have this role achieve but I thought I would mention it.

Thanks for all the great tools btw!
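
The workaround described in the issue above, written as an added example playbook (not code from the role or from the issue author): it labels the port with ssh_port_t before the role runs, so the sshd restart handler can bind to it. The variable name security_ssh_port, the package name python3-policycoreutils and the use of the community.general collection are assumptions.

```yaml
# Added example, not part of geerlingguy.security.
# Assumptions: the role's SSH port variable is security_ssh_port, the
# community.general collection is installed on the controller, and the
# target is a Fedora/RHEL-family host.
- name: Label a non-default SSH port for SELinux before sshd is restarted
  hosts: all
  become: true
  vars:
    security_ssh_port: 22222   # sample value taken from the issue
  pre_tasks:
    # The seport module needs the semanage Python bindings on the target.
    - name: Install SELinux management bindings
      ansible.builtin.package:
        name: python3-policycoreutils
        state: present
      when: ansible_facts.selinux.status | default('disabled') == 'enabled'

    # Idempotent equivalent of: semanage port -a -t ssh_port_t -p tcp 22222
    # (running semanage port -a a second time fails because the port is
    # already defined; seport reports "ok" instead).
    - name: Allow sshd to bind to the configured port
      community.general.seport:
        ports: "{{ security_ssh_port }}"
        proto: tcp
        setype: ssh_port_t
        state: present
      when:
        - ansible_facts.selinux.status | default('disabled') == 'enabled'
        - security_ssh_port | int != 22
  roles:
    - geerlingguy.security
```

On hosts where SELinux is disabled or the fact is absent, both tasks are skipped and the role runs unchanged.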

commented

This issue has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution!

Please read this blog post to see the reasons why I mark issues as stale.

commented

This issue has been closed due to inactivity. If you feel this is in error, please reopen the issue or file a new issue with the relevant details.