From fecdbb0406e51fefef2159f23cb90ea26a7dac8d Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Mon, 24 Jun 2019 17:08:01 +0200
Subject: [PATCH] evolinux-base: use the variable for the "ssh" group name

---
 evolinux-base/tasks/ssh.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/evolinux-base/tasks/ssh.yml b/evolinux-base/tasks/ssh.yml
index c6b87cae..2dab992b 100644
--- a/evolinux-base/tasks/ssh.yml
+++ b/evolinux-base/tasks/ssh.yml
@@ -11,7 +11,7 @@
 # only the first instance of the keyword is applied. »
 #
 # We want to allow any user from a list of IP addresses to login with password,
-# but users of the "evolix" group can't login with password from other IP addresses
+# but users of the "{{ evolinux_ssh_group }}" group can't login with password from other IP addresses
 
 - name: "Security directives for Evolinux (Debian 10 or later)"
   blockinfile:
@@ -20,7 +20,7 @@
     block: |
       Match Address {{ evolinux_ssh_password_auth_addresses | join(',') }}
           PasswordAuthentication yes
-      Match Group evolix
+      Match Group {{ evolinux_ssh_group }}
           PasswordAuthentication no
     insertafter: EOF
     validate: '/usr/sbin/sshd -t -f %s'