From 5ef4a403d2391c2a7c0f6bf0bbcb8687d7b59c90 Mon Sep 17 00:00:00 2001
From: Jeremy Dubois <jdubois@evolix.fr>
Date: Tue, 20 Oct 2020 15:57:35 +0200
Subject: [PATCH] We should be able to execute evomaintence.sh as soon as we
 can SSH to the server

---
 roles/base/templates/doas.conf.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/base/templates/doas.conf.j2 b/roles/base/templates/doas.conf.j2
index f99f8c1..7653918 100644
--- a/roles/base/templates/doas.conf.j2
+++ b/roles/base/templates/doas.conf.j2
@@ -1,7 +1,7 @@
 # {{ ansible_managed }}
 permit setenv {SSH_AUTH_SOCK SSH_TTY PKG_PATH HOME=/root ENV=/root/.profile} :{{ evobsd_sudo_group }}
 permit nopass root
-permit setenv {ENV PS1 SSH_AUTH_SOCK SSH_TTY} nopass :{{ evobsd_sudo_group }} as root cmd /usr/share/scripts/evomaintenance.sh
+permit setenv {ENV PS1 SSH_AUTH_SOCK SSH_TTY} nopass :{{ evobsd_ssh_group }} as root cmd /usr/share/scripts/evomaintenance.sh
 permit nopass _collectd as root cmd /bin/cat
 permit nopass _collectd as root cmd /usr/sbin/bgpctl
 permit nopass _nrpe as root cmd /sbin/bioctl args sd2