Allow passwordless sudo

This commit is contained in:
Sam A. 2023-11-11 16:35:14 +01:00
parent 30b52f9fb9
commit 93c0101ca4
Signed by: samsapti
GPG key ID: CBBBE7371E81C4EA
3 changed files with 12 additions and 4 deletions

View file

@ -10,9 +10,17 @@
state: present state: present
loop: "{{ users }}" loop: "{{ users }}"
- name: Add ssh authorized_keys - name: Add SSH keys to users
ansible.posix.authorized_key: ansible.posix.authorized_key:
user: "{{ item.name }}" user: "{{ item.name }}"
key: "{{ item.ssh_keys | join('\n') }}" key: "{{ item.ssh_keys | join('\n') }}"
exclusive: true exclusive: true
loop: "{{ users }}" loop: "{{ users }}"
- name: Allow passwordless sudo to 'sudo' group
ansible.builtin.lineinfile:
path: /etc/sudoers
regexp: '^%sudo ALL='
line: '%sudo ALL=(ALL:ALL) NOPASSWD: ALL'
validate: /usr/sbin/visudo -cf %s
state: present

View file

@ -1,7 +1,7 @@
# vim: ft=yaml.ansible # vim: ft=yaml.ansible
# code: language=ansible # code: language=ansible
--- ---
- name: Restart Docker daemon - name: Reload Docker daemon
ansible.builtin.service: ansible.builtin.service:
name: docker name: docker
state: reloaded state: reloaded

View file

@ -36,11 +36,11 @@
enabled: true enabled: true
state: started state: started
- name: Configure cron job to prune unused Docker data weekly - name: Configure cron job to prune unused Docker data daily
ansible.builtin.cron: ansible.builtin.cron:
name: Prune unused Docker data name: Prune unused Docker data
cron_file: ansible_docker_prune cron_file: ansible_docker_prune
job: 'docker system prune -fa && docker volume prune -fa' job: 'docker system prune -fa && docker volume prune -fa'
special_time: weekly special_time: daily
user: root user: root
state: present state: present