Initial Commit

2022-05-10 13:40:31 +02:00
commit db475e68d0
13 changed files with 340 additions and 0 deletions
--- a/.ansible-lint
+++ b/.ansible-lint
@@ -0,0 +1,3 @@
+---
+
+skip_list: []
--- a/.drone.yml
+++ b/.drone.yml
@@ -0,0 +1,42 @@
+---
+kind: pipeline
+type: kubernetes
+name: linter
+
+platform:
+  os: linux
+
+steps:
+- name: markdown lint
+  commands:
+  - markdownlint *.md
+  image: docker.io/volkerraschek/markdownlint:0.31.1
+  resources:
+    limits:
+      cpu: 50
+      memory: 50M
+
+- name: email-notification
+  environment:
+    PLUGIN_HOST:
+      from_secret: smtp_host
+    PLUGIN_USERNAME:
+      from_secret: smtp_username
+    PLUGIN_PASSWORD:
+      from_secret: smtp_password
+    PLUGIN_FROM:
+      from_secret: smtp_mail_address
+  image: docker.io/drillster/drone-email:latest
+  resources:
+    limits:
+      cpu: 50
+      memory: 25M
+  when:
+    status:
+    - changed
+    - failure
+
+trigger:
+  event:
+    exclude:
+    - tag
--- a/.editorconfig
+++ b/.editorconfig
@@ -0,0 +1,12 @@
+# EditorConfig is awesome: https://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+[*]
+indent_style = space
+indent_size = 2
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = false
--- a/.markdownlint.yaml
+++ b/.markdownlint.yaml
@@ -0,0 +1,144 @@
+# markdownlint YAML configuration
+# https://github.com/DavidAnson/markdownlint/blob/main/schema/.markdownlint.yaml
+
+# Default state for all rules
+default: true
+
+# Path to configuration file to extend
+extends: null
+
+# MD003/heading-style/header-style - Heading style
+MD003:
+  # Heading style
+  style: "atx"
+
+# MD004/ul-style - Unordered list style
+MD004:
+  style: "dash"
+
+# MD007/ul-indent - Unordered list indentation
+MD007:
+  # Spaces for indent
+  indent: 2
+  # Whether to indent the first level of the list
+  start_indented: false
+
+# MD009/no-trailing-spaces - Trailing spaces
+MD009:
+  # Spaces for line break
+  br_spaces: 2
+  # Allow spaces for empty lines in list items
+  list_item_empty_lines: false
+  # Include unnecessary breaks
+  strict: false
+
+# MD010/no-hard-tabs - Hard tabs
+MD010:
+  # Include code blocks
+  code_blocks: true
+
+# MD012/no-multiple-blanks - Multiple consecutive blank lines
+MD012:
+  # Consecutive blank lines
+  maximum: 1
+
+# MD013/line-length - Line length
+MD013:
+  # Number of characters
+  line_length: 80
+  # Number of characters for headings
+  heading_line_length: 80
+  # Number of characters for code blocks
+  code_block_line_length: 80
+  # Include code blocks
+  code_blocks: false
+  # Include tables
+  tables: false
+  # Include headings
+  headings: true
+  # Include headings
+  headers: true
+  # Strict length checking
+  strict: false
+  # Stern length checking
+  stern: false
+
+# MD022/blanks-around-headings/blanks-around-headers - Headings should be surrounded by blank lines
+MD022:
+  # Blank lines above heading
+  lines_above: 1
+  # Blank lines below heading
+  lines_below: 1
+
+# MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the same content
+MD024:
+  # Only check sibling headings
+  allow_different_nesting: true
+
+# MD025/single-title/single-h1 - Multiple top-level headings in the same document
+MD025:
+  # Heading level
+  level: 1
+  # RegExp for matching title in front matter
+  front_matter_title: "^\\s*title\\s*[:=]"
+
+# MD026/no-trailing-punctuation - Trailing punctuation in heading
+MD026:
+  # Punctuation characters
+  punctuation: ".,;:!。，；：！"
+
+# MD029/ol-prefix - Ordered list item prefix
+MD029:
+  # List style
+  style: "one_or_ordered"
+
+# MD030/list-marker-space - Spaces after list markers
+MD030:
+  # Spaces for single-line unordered list items
+  ul_single: 1
+  # Spaces for single-line ordered list items
+  ol_single: 1
+  # Spaces for multi-line unordered list items
+  ul_multi: 1
+  # Spaces for multi-line ordered list items
+  ol_multi: 1
+
+# MD033/no-inline-html - Inline HTML
+MD033:
+  # Allowed elements
+  allowed_elements: []
+
+# MD035/hr-style - Horizontal rule style
+MD035:
+  # Horizontal rule style
+  style: "---"
+
+# MD036/no-emphasis-as-heading/no-emphasis-as-header - Emphasis used instead of a heading
+MD036:
+  # Punctuation characters
+  punctuation: ".,;:!?。，；：！？"
+
+# MD041/first-line-heading/first-line-h1 - First line in a file should be a top-level heading
+MD041:
+  # Heading level
+  level: 1
+  # RegExp for matching title in front matter
+  front_matter_title: "^\\s*title\\s*[:=]"
+
+# MD044/proper-names - Proper names should have the correct capitalization
+MD044:
+  # List of proper names
+  names:
+  - gitea
+  # Include code blocks
+  code_blocks: false
+
+# MD046/code-block-style - Code block style
+MD046:
+  # Block style
+  style: "fenced"
+
+# MD048/code-fence-style - Code fence style
+MD048:
+  # Code fence syle
+  style: "backtick"
--- a/20
+++ b/20
@@ -0,0 +1,20 @@
+Copyright (c) 2022 Markus Pesch
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
--- a/README.md
+++ b/README.md
@@ -0,0 +1,25 @@
+# sudo_users
+
+[![Build Status](https://drone.cryptic.systems/api/badges/volker.raschek/sudo_users/status.svg)](https://drone.cryptic.systems/volker.raschek/sudo_users)
+[![Ansible Role](https://img.shields.io/ansible/role/d/58433)](https://galaxy.ansible.com/volker_raschek/networking_role)
+
+With following role can be created sudoers files in `/etc/sudoers.d`. For
+example to grant a user special perimssions to execute a program as root.
+
+## Supported distributions
+
+- Arch Linux
+- Debian
+- Fedora
+- RHEL
+- Ubuntu 20.04
+
+## Features
+
+- Installing sudo
+- Configuring drop-on files in `/etc/sudoers.d`
+
+## Configuring
+
+In the default directory are examples how to configure the network stack. Copy the
+defaults into your `host_vars` or `group_vars` and adapt the examples.
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -0,0 +1,11 @@
+---
+
+sudo_users_sudoers: {}
+  # myuser:
+  #   commands:
+  #   - /usr/sbin/nologin
+  #   without_password: yes
+  # myadmin:
+  #   commands:
+  #   - ALL
+  #   without_password: yes
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -0,0 +1,23 @@
+galaxy_info:
+  role_name: sudo_users
+  author: Markus Pesch
+  description: Role to configure sudoers on different distributions
+  company: Cryptic Systems
+  license: MIT
+  min_ansible_version: "2.9"
+  platforms:
+  - name: ArchLinux
+    versions:
+    - all
+  - name: Ubuntu
+    versions:
+    - all
+  - name: Fedora
+    versions:
+    - "35"
+
+  galaxy_tags:
+  - sudo
+  - sudoers
+
+dependencies: []
--- a/renovate.json
+++ b/renovate.json
@@ -0,0 +1,17 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "assignees": [ "volker.raschek" ],
+  "automergeStrategy": "merge-commit",
+  "automergeType": "pr",
+  "labels": [ "renovate" ],
+  "packageRules": [
+    {
+      "addLabels": [ "renovate/droneci", "renovate/automerge" ],
+      "automerge": true,
+      "matchManagers": "droneci",
+      "matchUpdateTypes": [ "minor", "patch"]
+    }
+  ],
+  "rebaseLabel": "renovate/rebase",
+  "rebaseWhen": "behind-base-branch"
+}
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -0,0 +1,31 @@
+---
+
+- name: Load variables
+  include_vars: "{{ ansible_os_family }}.yml"
+
+- name: Install sudo
+  package:
+    name: "{{ item }}"
+    state: present
+  with_items: "{{ sudo_users_package_names }}"
+
+- name: Flush drop-in files of sudoers.d
+  file:
+    state: "{{ item }}"
+    path: "/etc/sudoers.d"
+    owner: root
+    group: root
+    mode: 0750
+  with_items:
+  - absent
+  - directory
+
+- name: Create drop-in files of sudoers.d
+  community.general.sudoers:
+    name: "{{ item.key }}"
+    state: present
+    user: "{{ item.key }}"
+    nopassword: "{{ item.value.without_password | default(False) }}"
+    commands: "{{ items.value.command | join(',') if items.value.command is defined and items.value.command | length > 0 else 'ALL' }}"
+  when: "item.value | length > 0"
+  with_dict: "{{ sudo_users }}"
--- a/vars/Archlinux.yml
+++ b/vars/Archlinux.yml
@@ -0,0 +1,4 @@
+---
+
+sudo_users_package_names:
+- sudo
--- a/vars/Debian.yml
+++ b/vars/Debian.yml
@@ -0,0 +1,4 @@
+---
+
+sudo_users_package_names:
+- sudo
--- a/vars/RedHat.yml
+++ b/vars/RedHat.yml
@@ -0,0 +1,4 @@
+---
+
+sudo_users_package_names:
+- sudo