2022-05-10 11:40:31 +00:00
|
|
|
---
|
|
|
|
|
|
|
|
|
|
- name: Load variables
|
|
|
|
|
include_vars: "{{ ansible_os_family }}.yml"
|
|
|
|
|
|
|
|
|
|
- name: Install sudo
|
|
|
|
|
package:
|
|
|
|
|
name: "{{ item }}"
|
|
|
|
|
state: present
|
|
|
|
|
with_items: "{{ sudo_users_package_names }}"
|
|
|
|
|
|
2022-05-10 12:06:13 +00:00
|
|
|
- name: Enable includedir directive
|
|
|
|
|
lineinfile:
|
|
|
|
|
dest: /etc/sudoers
|
|
|
|
|
state: present
|
|
|
|
|
regexp: "^(#)+(\\s)*includedir(\\s)*/etc/sudoers.d"
|
|
|
|
|
line: "#includedir /etc/sudoers.d"
|
|
|
|
|
validate: 'visudo --check --file %s'
|
|
|
|
|
mode: 0440
|
|
|
|
|
owner: root
|
|
|
|
|
group: root
|
|
|
|
|
|
2022-05-10 11:40:31 +00:00
|
|
|
- name: Flush drop-in files of sudoers.d
|
|
|
|
|
file:
|
|
|
|
|
state: "{{ item }}"
|
|
|
|
|
path: "/etc/sudoers.d"
|
|
|
|
|
owner: root
|
|
|
|
|
group: root
|
|
|
|
|
mode: 0750
|
|
|
|
|
with_items:
|
|
|
|
|
- absent
|
|
|
|
|
- directory
|
|
|
|
|
|
|
|
|
|
- name: Create drop-in files of sudoers.d
|
|
|
|
|
community.general.sudoers:
|
|
|
|
|
name: "{{ item.key }}"
|
|
|
|
|
state: present
|
|
|
|
|
user: "{{ item.key }}"
|
|
|
|
|
nopassword: "{{ item.value.without_password | default(False) }}"
|
|
|
|
|
commands: "{{ items.value.command | join(',') if items.value.command is defined and items.value.command | length > 0 else 'ALL' }}"
|
|
|
|
|
when: "item.value | length > 0"
|
2022-06-30 10:50:53 +00:00
|
|
|
with_dict: "{{ sudo_users_sudoers }}"
|
