[sudo] youre sharp buster

roles/sudo/tasks/main.yml

@@ -1,10 +1,11 @@
 ---
 - name: Configure sudoers
   template:
-    src: "{{ item }}.j2"
-    dest: /etc/{{ item }}
+    src: "{{ item.src }}.j2"
+    dest: "/etc/{{ item.dst |  default(item.src) }}"
     mode: 0440
   loop:
-    - sudoers.d/custom_passprompt
-    - sudoers.d/group_privilege
-    - sudoers
+    - src: sudoers.d/custom_passprompt
+    - src: sudoers.d/group_privilege
+    - src: "sudoers.{{ ansible_distribution_release }}"
+      dst: "sudoers"

roles/sudo/templates/sudoers.buster.j2

@@ -0,0 +1,27 @@
+{{ ansible_header | comment }}
+#
+# See the man page for details on how to write a sudoers file.
+#
+Defaults	env_reset
+Defaults	mail_badpass
+Defaults	secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+
+# Host alias specification
+User_Alias    USERS= %_user
+User_Alias    NOUNOUS= %_nounou
+
+# User alias specification
+
+# Cmnd alias specification
+
+# User privilege specification
+root	ALL=(ALL:ALL) ALL
+
+{% if 'virtu' in group_names %}
+# Pour vérifier quels vms sont sur quels virtus
+USERS ALL=(root:ALL) NOPASSWD:/usr/sbin/qm list
+
+{% endif %}
+# See sudoers(5) for more information on "@include" directives:
+
+#includedir /etc/sudoers.d