volker.raschek/ansible-role-sudo
1
0
Fork 0
Code Issues Pull Requests 1 Actions Projects Releases Wiki Activity

fix: replace deprecated INJECT_FACTS_AS_VARS
All checks were successful
Ansible Linter / ansible-lint (push) Successful in 16s
Details
Lint Markdown files / markdown-lint (push) Successful in 4s
Details

Browse Source
This commit is contained in:
Markus Pesch
2026-01-05 10:31:11 +01:00
parent b946da2d8d
commit a8e2ba74ee
2 changed files with 12 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
tasks/main.yaml
View File

@@ -1,7 +1,17 @@
--- ---
- name: Load variables - name: Include OS-specific variables
ansible.builtin.include_vars: "{{ ansible_facts['os_family'] }}.yaml" ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
vars:
params:
files:
- "{{ ansible_facts['distribution'] }}_{{ ansible_facts['architecture'] }}.yaml"
- "{{ ansible_facts['distribution'] }}.yaml"
- "{{ ansible_facts['os_family'] }}_{{ ansible_facts['architecture'] }}.yaml"
- "{{ ansible_facts['os_family'] }}.yaml"
- main.yaml
paths:
- vars
- name: Verify variables - name: Verify variables
ansible.builtin.include_vars: "{{ lookup('first_found', params) }}" ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"

95
tasks/main.yml
View File

@@ -1,95 +0,0 @@
---
- name: Load variables
ansible.builtin.include_vars: "{{ ansible_facts['os_family'] }}.yaml"
- name: Verify variables
ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
vars:
params:
files:
- "{{ ansible_facts['distribution'] }}_verify_vars.yaml"
- "{{ ansible_facts['os_family'] }}_verify_vars.yaml"
- "verify_vars.yaml"
- name: Install sudo
ansible.builtin.package:
name: "{{ item }}"
state: present
with_items: "{{ sudo_users_package_names }}"
- name: Enable includedir directive
ansible.builtin.lineinfile:
dest: /etc/sudoers
state: present
regexp: "^(#)+(\\s)*includedir(\\s)*/etc/sudoers.d"
line: "#includedir /etc/sudoers.d"
validate: 'visudo --check --file %s'
mode: "0440"
owner: "root"
group: "root"
- name: Flush drop-in files of sudoers.d
ansible.builtin.file:
state: "{{ item }}"
path: "/etc/sudoers.d"
owner: "root"
group: "root"
mode: "0750"
with_items:
- absent
- directory
- name: "Create sudoers drop-in file to execute commands for specific unix users"
community.general.sudoers:
name: "{{ item.filename | default(item.user) }}"
state: present
user: "{{ item.user }}"
nopassword: "{{ item.nopassword | default(false) }}"
commands: "{{ item.commands | default('ALL') }}"
with_items:
- "{{ sudo_users_sudoers }}"
when: item.user is defined and item.user | length > 0 and
item.group is not defined and
item.runas is not defined
- name: "Create sudoers drop-in file to execute commands for specific unix users as specific unix user"
community.general.sudoers:
name: "{{ item.filename | default(item.user) }}"
state: present
user: "{{ item.user }}"
runas: "{{ item.runas }}"
nopassword: "{{ item.nopassword | default(false) }}"
commands: "{{ item.commands | default('ALL') }}"
with_items:
- "{{ sudo_users_sudoers }}"
when: item.user is defined and item.user | length > 0 and
item.group is not defined and
item.runas is defined and item.runas | length > 0
- name: "Create sudoers drop-in file to execute commands for specific unix groups"
community.general.sudoers:
name: "{{ item.filename | default(item.group) }}"
state: present
group: "{{ item.group }}"
nopassword: "{{ item.nopassword | default(false) }}"
commands: "{{ item.commands | default('ALL') }}"
with_items:
- "{{ sudo_users_sudoers }}"
when: item.user is not defined and
item.group is defined and item.group | length > 0 and
item.runas is not defined
- name: "Create sudoers drop-in file to execute commands for specific unix groups as specifix unix user"
community.general.sudoers:
name: "{{ item.filename | default(item.group) }}"
state: present
group: "{{ item.group }}"
runas: "{{ item.runas }}"
nopassword: "{{ item.nopassword | default(false) }}"
commands: "{{ item.commands | default('ALL') }}"
with_items:
- "{{ sudo_users_sudoers }}"
when: item.user is not defined and
item.group is defined and item.group | length > 0 and
item.runas is defined and item.runas | length > 0