--- # Filter SSH on groups - name: Filter SSH on groups lineinfile: dest: /etc/ssh/sshd_config regexp: '^AllowGroups' line: "AllowGroups root sudoldap aurore ssh" # To gain root access with ldap rights - name: Install SUDO package package: name: sudo state: present register: package_result retries: 3 until: package_result is succeeded # Set sudo group - name: Configure sudoers sudo group lineinfile: dest: /etc/sudoers regexp: "^%{{ sudo_group }}" line: "%{{ sudo_group }} ALL=(ALL:ALL) ALL" # Set sudo location group - name: Configure sudoers sudo location group lineinfile: dest: /etc/sudoers regexp: "^%{{ sudo_group_location }}" line: "%{{ sudo_group_location }} ALL=(ALL:ALL) ALL" when: sudo_group_location is defined