From 47b1067cb4ecbd5280af8d187636b42a51a2f89b Mon Sep 17 00:00:00 2001 From: "Vincent F." Date: Tue, 9 Jun 2026 10:53:43 +0200 Subject: [PATCH] Ajout de sudo en passwordless --- ansible/roles/users/tasks/main.yml | 11 ++++++++++- ansible/roles/users/templates/sudo_sudoers | 2 ++ ansible/roles/users/vars/debian.yml | 2 +- 3 files changed, 13 insertions(+), 2 deletions(-) create mode 100644 ansible/roles/users/templates/sudo_sudoers diff --git a/ansible/roles/users/tasks/main.yml b/ansible/roles/users/tasks/main.yml index d297760..ce8739f 100644 --- a/ansible/roles/users/tasks/main.yml +++ b/ansible/roles/users/tasks/main.yml @@ -1,5 +1,4 @@ --- - - name: Load variables include_vars: "{{ ansible_os_family|lower }}.yml" @@ -50,6 +49,16 @@ group: root mode: 0640 +- name: Linux | Install sudoers file for sudo group + ansible.builtin.template: + src: sudo_sudoers + dest: "/etc/sudoers.d/sudo" + backup: yes + owner: root + group: root + mode: 0640 + validate: /usr/sbin/visudo -cf %s + - name: Linux | Define MOTD file ansible.builtin.shell: cmd: figlet -t {{ inventory_hostname_short | quote }} > /etc/motd diff --git a/ansible/roles/users/templates/sudo_sudoers b/ansible/roles/users/templates/sudo_sudoers new file mode 100644 index 0000000..649457f --- /dev/null +++ b/ansible/roles/users/templates/sudo_sudoers @@ -0,0 +1,2 @@ +# Enable passwordless sudo for sudo members +%sudo ALL=(ALL) NOPASSWD: ALL \ No newline at end of file diff --git a/ansible/roles/users/vars/debian.yml b/ansible/roles/users/vars/debian.yml index 690851f..a23fc28 100644 --- a/ansible/roles/users/vars/debian.yml +++ b/ansible/roles/users/vars/debian.yml @@ -1,5 +1,5 @@ --- - +## Define custom UIDs to avoid conflicts user_details: - { name: vinishor, uid: 2000 } - { name: mirsal, uid: 2001 }