diff --git a/templates/usermanagement/sudoers.d/sudoers.j2 b/templates/usermanagement/sudoers.d/sudoers.j2
index 049eb8d..130923e 100644
--- a/templates/usermanagement/sudoers.d/sudoers.j2
+++ b/templates/usermanagement/sudoers.d/sudoers.j2
@@ -1,21 +1,15 @@
 {% if __user['username'] == 'drone' %}
-# ansible.siempie.internal
 {% if inventory_hostname == 'ansible.siempie.internal' %}
 drone ansible.siempie.internal=(root) NOPASSWD:/usr/bin/git -C /etc/ansible *
 drone ansible.siempie.internal=(root) NOPASSWD:/usr/local/bin/ansible-galaxy install -r /etc/ansible/ansible_requirements.yaml
 drone ansible.siempie.internal=(root) NOPASSWD:/usr/local/bin/ansible-playbook *
 {% endif %}
-
-# mgmt01.siempie.local
 {% if inventory_hostname == 'mgmt01.infra.vpn.mirahsimon.us' %}
 drone mgmt01.siempie.internal=(simon) NOPASSWD:/usr/local/bin/kubectl *
 {% endif %}
-
-# registry.siempie.internal
-{% if inventory_hostname == 'mgmt01.infra.vpn.mirahsimon.us' %}
-drone registry.siempie.internal=(root) NOPASSWD:/
+{% if inventory_hostname == 'registry.siempie.internal' %}
+drone registry.siempie.internal=(root) NOPASSWD:/usr/bin/docker *
 {% endif %}
-
 {% else %}
 {% if sudo_pwless == False %}
 {{ __user['username'] }} ALL=(ALL) ALL