ansible sudo fix

2022-04-17 14:36:26 +02:00 · 2022-04-17 14:36:26 +02:00 · 231bc6752e
commit 231bc6752e
parent a3deafec54
3 changed files with 24 additions and 1 deletions
--- a/fix-sudoers.yaml
+++ b/fix-sudoers.yaml
@ -0,0 +1,6 @@
+---
+- name: "Fix ansible sudo stuff"
+  hosts: all
+  roles:
+    - ansible-sudo
+...
--- a/group_vars/all.yaml
+++ b/group_vars/all.yaml
@ -1,4 +1,4 @@
 ---
 ansible_become: true
-ansible_user: ansible
+ansible_user: tormakris
 ...
--- a/roles/ansible-sudo/tasks/main.yaml
+++ b/roles/ansible-sudo/tasks/main.yaml
@ -0,0 +1,17 @@
+---
+- name: Check if ansible is already nopasswd in sudoers
+  lineinfile:
+    state: absent
+    path: /etc/sudoers
+    regexp: "^ansible"
+  check_mode: true
+  changed_when: false
+  register: checkallowusers
+
+- name: Define ansible nopasswd in sudoers
+  lineinfile:
+    state: present
+    path: /etc/sudoers
+    line: "ansible ALL=(ALL:ALL) NOPASSWD"
+  when: checkallowusers.found == 0
+...