dsfg

2024-10-23 21:53:19 +02:00 · 2024-10-23 21:53:19 +02:00 · 06b5260fc2
commit 06b5260fc2
parent 31b48cb6c8
1 changed files with 7 additions and 8 deletions
--- a/roles/mgrote_users/tasks/main.yml
+++ b/roles/mgrote_users/tasks/main.yml
@ -38,14 +38,13 @@
  #no_log: true

 - name: Ensure users are added to sudoers
-  community.general.sudoers:
-    name: "users-sudo-{{ item.username }}"
-    state: "{{ item.state | default('present') }}"
-    user: "{{ item.username }} ALL=(ALL)"
-    commands: "ALL"
-    host: "ALL"
-    nopassword: "{{ item.allow_passwordless_sudo }}"
-    validation: absent #todo required
+  ansible.builtin.blockinfile:
+    create: true # todo extra task fur abbau
+    path: "/etc/sudoers.d/users-sudo-{{ item.username }}"
+    state: present
+    block: |
+      {{ item.username }} ALL=(ALL) {{ 'NOPASSWD:' if (item.allow_passwordless_sudo | d(false)) else '' }}ALL
+    validate: 'visudo -cf %s'
  loop: '{{ users }}'
  when: item.allow_sudo|default(false) and item.allow_sudo is defined
  #no_log: true