--- # Filter SSH on groups - name: Filter SSH on groups lineinfile: dest: /etc/ssh/sshd_config regexp: ^AllowGroups line: AllowGroups root sudoldap aurore ssh state: present # To gain root access with ldap rights - name: Install SUDO package package: name: sudo state: present register: package_result retries: 3 until: package_result is succeeded # Set sudo group - name: Configure sudoers sudo group lineinfile: dest: /etc/sudoers regexp: ^%{{ sudo_group }} line: "%{{ sudo_group }} ALL=(ALL:ALL) ALL" state: present # Set sudo location group - name: Configure sudoers sudo location group lineinfile: dest: /etc/sudoers regexp: ^%{{ sudo_group_location }} line: "%{{ sudo_group_location }} ALL=(ALL:ALL) ALL" state: present when: sudo_group_location is defined