ansible/roles/ldap-client/tasks/1_group_security.yml
Hadrien Patte 5551fb5c16
Fix: remove unnecessary quotes
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-23 20:04:33 +01:00

31 lines
781 B
YAML

---
# Filter SSH on groups
- name: Filter SSH on groups
lineinfile:
dest: /etc/ssh/sshd_config
regexp: ^AllowGroups
line: AllowGroups root sudoldap aurore ssh
# To gain root access with ldap rights
- name: Install SUDO package
package:
name: sudo
state: present
register: package_result
retries: 3
until: package_result is succeeded
# Set sudo group
- name: Configure sudoers sudo group
lineinfile:
dest: /etc/sudoers
regexp: ^%{{ sudo_group }}
line: "%{{ sudo_group }} ALL=(ALL:ALL) ALL"
# Set sudo location group
- name: Configure sudoers sudo location group
lineinfile:
dest: /etc/sudoers
regexp: ^%{{ sudo_group_location }}
line: "%{{ sudo_group_location }} ALL=(ALL:ALL) ALL"
when: sudo_group_location is defined