# Adapted from solution provided by http://stackoverflow.com/users/57719/chin-huang http://stackoverflow.com/a/31465939/348868
# Scenario: You want to add a group to the list of the AllowGroups in ssh_config
# before:
# AllowGroups Group1
# After:
# AllowGroups Group1 Group2

- name: Add Group to AllowGroups
  replace:
    backup: yes
    dest: /etc/ssh/sshd_config
    regexp: '^(AllowGroups(?!.*\b{{ sftp_group_name }}\b).*)$'
    replace: '\1 {{ sftp_group_name }}'
    
 # This could also be achieved using the line in file module:
 - name: Add Group to AllowGroups
   lineinfile: 
     dest=/etc/ssh/sshd_config
     backup=True
     backrefs=True
     state=present
     regexp='^(AllowGroups(?!.*\b{{ sftp_group_name }}\b).*)$'
     line='\1 {{ sftp_group_name }}'