revert parts of "506fa8da8d" (explanation inline) #217
1 changed files with 7 additions and 8 deletions
|
@ -38,14 +38,13 @@
|
|||
#no_log: true
|
||||
|
||||
- name: Ensure users are added to sudoers
|
||||
community.general.sudoers:
|
||||
name: "users-sudo-{{ item.username }}"
|
||||
state: "{{ item.state | default('present') }}"
|
||||
user: "{{ item.username }} ALL=(ALL)"
|
||||
commands: "ALL"
|
||||
host: "ALL"
|
||||
nopassword: "{{ item.allow_passwordless_sudo }}"
|
||||
validation: absent #todo required
|
||||
ansible.builtin.blockinfile:
|
||||
create: true # todo extra task fur abbau
|
||||
path: "/etc/sudoers.d/users-sudo-{{ item.username }}"
|
||||
state: present
|
||||
block: |
|
||||
{{ item.username }} ALL=(ALL) {{ 'NOPASSWD:' if (item.allow_passwordless_sudo | d(false)) else '' }}ALL
|
||||
validate: 'visudo -cf %s'
|
||||
loop: '{{ users }}'
|
||||
when: item.allow_sudo|default(false) and item.allow_sudo is defined
|
||||
#no_log: true
|
||||
|
|
Loading…
Reference in a new issue