diff --git a/tasks/main.yaml b/tasks/main.yaml
index b9349b0..b65dc17 100644
--- a/tasks/main.yaml
+++ b/tasks/main.yaml
@@ -1,7 +1,17 @@
 ---
-- name: Load variables
- ansible.builtin.include_vars: "{{ ansible_facts['os_family'] }}.yaml"
+- name: Include OS-specific variables
+ ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
+ vars:
+ params:
+ files:
+ - "{{ ansible_facts['distribution'] }}_{{ ansible_facts['architecture'] }}.yaml"
+ - "{{ ansible_facts['distribution'] }}.yaml"
+ - "{{ ansible_facts['os_family'] }}_{{ ansible_facts['architecture'] }}.yaml"
+ - "{{ ansible_facts['os_family'] }}.yaml"
+ - main.yaml
+ paths:
+ - vars
 - name: Verify variables
 ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
diff --git a/tasks/main.yml b/tasks/main.yml
deleted file mode 100644
index b9349b0..0000000
--- a/tasks/main.yml
+++ /dev/null
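Review bot: The last `files` entry in the new "Include OS-specific variables" task, `- main.yaml`, lets the `first_found` lookup succeed on a host with no distribution or os_family file, whereas the removed `include_vars: "{{ ansible_facts['os_family'] }}.yaml"` failed the play at that point. Whether `vars/main.yaml` exists is not visible in this diff; if it does, a role already loads it automatically, so the entry adds no variables and only removes the unsupported-platform stop. The old side of this file is blob b9349b0, the same content as the deleted `tasks/main.yml`, whose later tasks edit `/etc/sudoers` and delete and recreate `/etc/sudoers.d`, so those presumably still run after this task. I would drop the `- main.yaml` line so an unsupported platform fails before any sudoers change, and add a comment above the task such as `# Most specific match wins; fails when no OS-specific vars file exists.`.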
@@ -1,95 +0,0 @@
----
-
-- name: Load variables
- ansible.builtin.include_vars: "{{ ansible_facts['os_family'] }}.yaml"
-
-- name: Verify variables
- ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
- vars:
- params:
- files:
- - "{{ ansible_facts['distribution'] }}_verify_vars.yaml"
- - "{{ ansible_facts['os_family'] }}_verify_vars.yaml"
- - "verify_vars.yaml"
-
-- name: Install sudo
- ansible.builtin.package:
- name: "{{ item }}"
- state: present
- with_items: "{{ sudo_users_package_names }}"
-
-- name: Enable includedir directive
- ansible.builtin.lineinfile:
- dest: /etc/sudoers
- state: present
- regexp: "^(#)+(\\s)*includedir(\\s)*/etc/sudoers.d"
- line: "#includedir /etc/sudoers.d"
- validate: 'visudo --check --file %s'
- mode: "0440"
- owner: "root"
- group: "root"
-
-- name: Flush drop-in files of sudoers.d
- ansible.builtin.file:
- state: "{{ item }}"
- path: "/etc/sudoers.d"
- owner: "root"
- group: "root"
- mode: "0750"
- with_items:
- - absent
- - directory
-
-- name: "Create sudoers drop-in file to execute commands for specific unix users"
- community.general.sudoers:
- name: "{{ item.filename | default(item.user) }}"
- state: present
- user: "{{ item.user }}"
- nopassword: "{{ item.nopassword | default(false) }}"
- commands: "{{ item.commands | default('ALL') }}"
- with_items:
- - "{{ sudo_users_sudoers }}"
- when: item.user is defined and item.user | length > 0 and
- item.group is not defined and
- item.runas is not defined
-
-- name: "Create sudoers drop-in file to execute commands for specific unix users as specific unix user"
- community.general.sudoers:
- name: "{{ item.filename | default(item.user) }}"
- state: present
- user: "{{ item.user }}"
- runas: "{{ item.runas }}"
- nopassword: "{{ item.nopassword | default(false) }}"
- commands: "{{ item.commands | default('ALL') }}"
- with_items:
- - "{{ sudo_users_sudoers }}"
- when: item.user is defined and item.user | length > 0 and
- item.group is not defined and
- item.runas is defined and item.runas | length > 0
-
-- name: "Create sudoers drop-in file to execute commands for specific unix groups"
- community.general.sudoers:
- name: "{{ item.filename | default(item.group) }}"
- state: present
- group: "{{ item.group }}"
- nopassword: "{{ item.nopassword | default(false) }}"
- commands: "{{ item.commands | default('ALL') }}"
- with_items:
- - "{{ sudo_users_sudoers }}"
- when: item.user is not defined and
- item.group is defined and item.group | length > 0 and
- item.runas is not defined
-
-- name: "Create sudoers drop-in file to execute commands for specific unix groups as specifix unix user"
- community.general.sudoers:
- name: "{{ item.filename | default(item.group) }}"
- state: present
- group: "{{ item.group }}"
- runas: "{{ item.runas }}"
- nopassword: "{{ item.nopassword | default(false) }}"
- commands: "{{ item.commands | default('ALL') }}"
- with_items:
- - "{{ sudo_users_sudoers }}"
- when: item.user is not defined and
- item.group is defined and item.group | length > 0 and
- item.runas is defined and item.runas | length > 0