From 8c322d2d3aa00d1e6aa1c5ab175b6da00b25f1bf Mon Sep 17 00:00:00 2001
From: grizzly <grisel-davy@crans.org>
Date: Sun, 14 Apr 2019 12:34:47 +0200
Subject: [PATCH] jout des variables crans et divers

---
 group_vars/all/vault.yml                   | 28 ++++++++++++++++++++++
 roles/ldap-client/tasks/group_security.yml |  3 +--
 2 files changed, 29 insertions(+), 2 deletions(-)
 create mode 100644 group_vars/all/vault.yml

diff --git a/group_vars/all/vault.yml b/group_vars/all/vault.yml
new file mode 100644
index 00000000..865eacad
--- /dev/null
+++ b/group_vars/all/vault.yml
@@ -0,0 +1,28 @@
+$ANSIBLE_VAULT;1.1;AES256
+39306562623331663735646339313933373165343362386465376564653434313263336661316130
+3365653666303038613330666534313737653539393362660a396535643361643065386561636338
+63326336643465653061376135653031373664613139306338326236373963353433313334633737
+6464346433316634370a616637343637386233623736653331616131393732633861323638623931
+34353337636131643531343537373132666338663138633832613034343733643630373532306438
+33336638643966343738363333346236393937643165346133376561333663383766303462306338
+39356634376435313531356465663266383766373863646265303435303661393462663461306461
+30666335343731356633366230393631623237313363333066663062346537333362653334336466
+63343264366566346235376630326261396461643462376231373165393864666563656430383063
+32303737353930333962316230653961343961643165613837343565313636363833313830333435
+34643664616662326334323836346232633131663361613831353563303761313064303133623637
+64353865373638396161623861323063306333353735356634646437646636303565623261343634
+65636463613064663732663366616130333632333961373835656534633930356637643834313739
+37626362313763356635336134393038616235333736626632343863383033356464333462306430
+35393861333364666232356263396364386165613730353162356362333064303762353464346430
+62623635373634646330393364636139363962313666346232363734326334393362326661353765
+65373166656465313262373636353235306666323234343866383065326335633261643363346433
+63633839663538663536656239356336313732316461393461326337366134303933623538643163
+63393031613061306539393261386636633430353661336666626530306365333763366232353663
+38666632323663646135316361376665336165343364393937346636343165633065346462343163
+64633164623366633837393737363937336537666664646530393363393537653838636634666439
+39306232383237613238353961343561666362363763393436393536336634376637353534393632
+30623132646435303331313130633765316133323538613737353362663334343239346566663537
+33656562616165633262383037306537356536316439646533623033663433363464383163376431
+38376233396166353862306461363036353561336664346230396239323439366163653232643432
+64643634333635363838343764613063363166303763303036333066386332643333363237626366
+623363313165323038643166313535616233
diff --git a/roles/ldap-client/tasks/group_security.yml b/roles/ldap-client/tasks/group_security.yml
index 1fae4b1e..08fb426c 100644
--- a/roles/ldap-client/tasks/group_security.yml
+++ b/roles/ldap-client/tasks/group_security.yml
@@ -4,7 +4,7 @@
   lineinfile:
     dest: /etc/ssh/sshd_config
     regexp: ^AllowGroups
-    line: AllowGroups root sudoldap aurore ssh
+    line: AllowGroups ssh nounou apprenti cableur root
     state: present
 
 # To gain root access with ldap rights
@@ -22,4 +22,3 @@
     src: sudoers.j2
     dest: /etc/sudoers
     mode: 0440
-  validate: /usr/sbin/visudo -cf %s