From 645128198e7142da5cec1e4da46365405139ff2a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Torma=20Krist=C3=B3f?=
Date: Sun, 17 Apr 2022 14:38:46 +0200
Subject: [PATCH] incorporate sudo in common role
---
 fix-sudoers.yaml | 6 ------
 group_vars/all.yaml | 2 +-
 roles/ansible-sudo/tasks/main.yaml | 17 -----------------
 roles/common/tasks/user-ops.yaml | 16 ++++++++++++++++
 4 files changed, 17 insertions(+), 24 deletions(-)
 delete mode 100644 fix-sudoers.yaml
 delete mode 100644 roles/ansible-sudo/tasks/main.yaml
diff --git a/fix-sudoers.yaml b/fix-sudoers.yaml
deleted file mode 100644
index 677d56b..0000000
--- a/fix-sudoers.yaml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- name: "Fix ansible sudo stuff"
- hosts: all
- roles:
- - ansible-sudo
-...
diff --git a/group_vars/all.yaml b/group_vars/all.yaml
index 8748bce..f077a86 100644
--- a/group_vars/all.yaml
+++ b/group_vars/all.yaml
@@ -1,4 +1,4 @@
 ---
 ansible_become: true
-ansible_user: tormakris
+ansible_user: ansible
 ...
diff --git a/roles/ansible-sudo/tasks/main.yaml b/roles/ansible-sudo/tasks/main.yaml
deleted file mode 100644
index 1b642fe..0000000
--- a/roles/ansible-sudo/tasks/main.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-- name: Check if ansible is already nopasswd in sudoers
- lineinfile:
- state: absent
- path: /etc/sudoers
- regexp: "^ansible"
- check_mode: true
- changed_when: false
- register: checkallowusers
-
-- name: Define ansible nopasswd in sudoers
- lineinfile:
- state: present
- path: /etc/sudoers
- line: "ansible ALL=(ALL:ALL) NOPASSWD"
- when: checkallowusers.found == 0
-...
diff --git a/roles/common/tasks/user-ops.yaml b/roles/common/tasks/user-ops.yaml
index 19bd53f..2f3abcd 100644
--- a/roles/common/tasks/user-ops.yaml
+++ b/roles/common/tasks/user-ops.yaml
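Review bot: With `ansible_user: ansible` next to `ansible_become: true` in group_vars/all.yaml, every play now needs the `ansible` account to exist with working sudo before it can connect, yet the sudoers rule for that account is written by roles/common/tasks/user-ops.yaml in this same commit. A host that has never run the common role appears to have no way in, although the account may be provisioned elsewhere, outside this patch. If a one-off override is the intended bootstrap, record it above the variable, for example `# first run on a new host: -e ansible_user=<bootstrap user>`.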
@@ -33,6 +33,22 @@
 owner: ansible
 group: ansible
+- name: Check if ansible is already nopasswd in sudoers
+ lineinfile:
+ state: absent
+ path: /etc/sudoers
+ regexp: "^ansible"
+ check_mode: true
+ changed_when: false
+ register: checkallowusers
+
+- name: Define ansible nopasswd in sudoers
+ lineinfile:
+ state: present
+ path: /etc/sudoers
+ line: "ansible ALL=(ALL:ALL) NOPASSWD"
+ when: checkallowusers.found == 0
+
 - name: "Update authorized_keys of tormakris"
 ansible.posix.authorized_key:
 user: tormakris
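Review bot: The sudoers entry written by the second added task, `ansible ALL=(ALL:ALL) NOPASSWD`, has no `: ALL` after the tag, so sudo will not read it as a passwordless rule (it most likely parses the bare word as an undefined command alias); the intended value is presumably `line: "ansible ALL=(ALL:ALL) NOPASSWD: ALL"`. The same task edits /etc/sudoers in place with no syntax check, so a malformed line can leave sudo unusable on every host the role touches; add `validate: /usr/sbin/visudo -cf %s` to the lineinfile arguments. In the check task, `regexp: "^ansible"` matches any line that merely starts with "ansible", so the `when: checkallowusers.found == 0` guard skips the write on hosts that have an unrelated or weaker rule for that prefix. lineinfile with `state: present` is already idempotent, so the check task and the guard can be dropped.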