Dustin C. Hatch
d2eb61cce1
Tasks that install packages need to be tagged as `install` so they can be skipped by Jenkins daily runs.
28 lines
583 B
YAML
28 lines
583 B
YAML
- name: ensure sudo is installed
|
|
package:
|
|
name=sudo
|
|
state=present
|
|
tags:
|
|
- install
|
|
|
|
- name: ensure sudo group exists
|
|
group:
|
|
name=sudo
|
|
state=present
|
|
- name: ensure admin users members of sudo group
|
|
user:
|
|
name={{ item }}
|
|
groups=sudo
|
|
append=yes
|
|
with_items: '{{ admin_users }}'
|
|
- name: ensure members of sudo group can use sudo
|
|
copy:
|
|
src: sudo.sudoers
|
|
dest: /etc/sudoers.d/10_sudo
|
|
mode: '0440'
|
|
validate: visudo -cf %s
|
|
- name: ensure legacy sudo group configuration is removed
|
|
file:
|
|
path=/etc/sudoers.d/sudo
|
|
state=absent
|