---
# Filter SSH on groups
- name: Filter SSH on groups
  lineinfile:
    dest: /etc/ssh/sshd_config
    regexp: '^AllowGroups'
    line: "AllowGroups root sudoldap aurore ssh"

# To gain root access with ldap rights
- name: Install SUDO package
  package:
    name: sudo
    state: present

# Set sudo group
- name: Configure sudoers
  lineinfile:
    dest: /etc/sudoers
    regexp: "^%{{ sudo_group }}"
    line: "%{{ sudo_group }}	ALL=(ALL:ALL) ALL"