From 5c4619138973e366ede21b54d018ea525da06b9d Mon Sep 17 00:00:00 2001
From: Yohann D'ANELLO <yohann.danello@gmail.com>
Date: Fri, 4 Sep 2020 09:56:02 +0200
Subject: [PATCH] Register camelot and gitea, make camelot accessible for
 everyone

---
 hosts                                        | 2 ++
 roles/ldap-client/tasks/1_group_security.yml | 1 +
 2 files changed, 3 insertions(+)

diff --git a/hosts b/hosts
index 277bcc0..d7eaa31 100644
--- a/hosts
+++ b/hosts
@@ -19,6 +19,8 @@ dhcp-aurore.adm.auro.re
 dns-aurore.adm.auro.re
 docker-worker1-aurore.adm.auro.re
 proxy-backup.adm.auro.re
+camelot.adm.auro.re
+gitea.adm.auro.re
 
 
 ###############################################################################
diff --git a/roles/ldap-client/tasks/1_group_security.yml b/roles/ldap-client/tasks/1_group_security.yml
index 8477ac4..06664e6 100644
--- a/roles/ldap-client/tasks/1_group_security.yml
+++ b/roles/ldap-client/tasks/1_group_security.yml
@@ -1,6 +1,7 @@
 ---
 # Filter SSH on groups
 - name: Filter SSH on groups
+  when: ansible_facts['hostname'] != "camelot"  # Camelot is accessible for everyone
   lineinfile:
     dest: /etc/ssh/sshd_config
     regexp: ^AllowGroups