diff --git a/roles/base/files/users/sudoers_wheel b/roles/base/files/users/sudoers_wheel
new file mode 100644
index 0000000..188cf57
--- /dev/null
+++ b/roles/base/files/users/sudoers_wheel
@@ -0,0 +1 @@
+%wheel ALL=(ALL) ALL
\ No newline at end of file
diff --git a/roles/base/tasks/system_setup/openssh.yml b/roles/base/tasks/system_setup/openssh.yml
index 47d2477..e4d0e38 100644
--- a/roles/base/tasks/system_setup/openssh.yml
+++ b/roles/base/tasks/system_setup/openssh.yml
@@ -22,7 +22,8 @@
     path: "/etc/ssh/sshd_config"
     line: "Include /etc/ssh/sshd_config.d/*.conf"
     state: present
-    insertbefore: "^Port.*$"
+    insertbefore: "^#?Port.*$"
+  notify: restart_sshd
 
 - name: system setup | openssh | copy sshd custom config
   tags: openssh,ssh,system,settings
diff --git a/roles/base/tasks/users/all.yml b/roles/base/tasks/users/all.yml
index 67984db..54c3f37 100644
--- a/roles/base/tasks/users/all.yml
+++ b/roles/base/tasks/users/all.yml
@@ -87,4 +87,12 @@
   become: yes
   become_user: '{{ user }}'
   shell: "POWERLINE=n BASHIT=y ZSHCUSTOM=n {{ getent_passwd[user][4] }}/dotfiles/install.sh"
-  ignore_errors: yes
\ No newline at end of file
+  ignore_errors: yes
+
+- name: users | all | add sudoers file
+  copy:
+    src: users/sudoers_wheel
+    dest: /etc/sudoers.d/wheel
+    owner: root
+    group: root
+    mode: 0440
\ No newline at end of file