---
# Filter SSH on groups
- name: Filter SSH on groups
  lineinfile:
    dest: /etc/ssh/sshd_config
    regexp: ^AllowGroups
    line: AllowGroups ssh nounou apprenti cableur root
    state: present

# To gain root access with ldap rights
- name: Install SUDO package
  package:
    name: sudo
    state: present
  register: package_result
  retries: 3
  until: package_result is succeeded

# Set sudo group
- name: Configure sudoers sudo group
  template:
    src: sudoers.j2
    dest: /etc/sudoers
    mode: 0440