]> git.phdru.name Git - ansible.git/blob - playbooks/roles/sudo/tasks/main.yaml
projects / ansible.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Feat(roles/sudo): Disable `.sudo_as_admin_successful`
[ansible.git] / playbooks / roles / sudo / tasks / main.yaml
1 - name: Install sudo
2   become: true
3   apt:
4     cache_valid_time: 3600
5     install_recommends: no
6     name: sudo
7     state: latest
8     update_cache: yes
9   when: ansible_facts.os_family == 'Debian'
10
11 - name: Add user phd to group sudo
12   become: true
13   user:
14     name: phd
15     append: yes
16     groups: sudo
17   when: ansible_facts.os_family == 'Debian'
18
19 - name: Allow passwordless operations for phd
20   become: true
21   copy:
22     content: |
23       Defaults !admin_flag
24       phd       ALL=(ALL:ALL) NOPASSWD: ALL
25     dest: /etc/sudoers.d/phd
26     owner: root
27     group: "{% if ansible_facts.os_family == 'Debian' %}sudo{% elif ansible_facts.os_family == 'RedHat' %}root{% endif %}"
28     mode: 0640
My ansible: inventory, playbooks, roles