Changeset - 5c17d88f3e11
Parent rev.
Child rev.
[Not reviewed]
0 1 0
x - 20 months ago 2023-08-31 18:08:17
xbr@c3l.lu
fix: initial_setup, proper passwordless sudo, incl users
1 file changed with 8 insertions and 5 deletions:
initial_server_setup/initial_setup.yml
8
5
0 comments (0 inline, 0 general)
initial_server_setup/initial_setup.yml
Show inline comments
 
@@ -143,17 +143,20 @@
 
        state: present
 
        key: "{{ lookup('file', item.key_path) }}"
 
      tags: users
 
      loop: "{{ users_member | union(users_system) }}"
 

			




	
	
	
		
 
    - name: Allow for password-less sudo

			




	
	
	
		
 
      community.general.sudoers:

			




	
	
	
		
 
        name: passwordless-sudo

			




	
	
	
		
 
        group: sudo

			




	
	
	
		
 
        commands: ALL

			




	
	
	
		
 
        nopassword: true

			




	
	
	
		
 
      # Not done via community.general.sudoders because it does not support

			




	
	
	
		
 
      # sudo-ing into users without a passsword.

			




	
	
	
		
 
      ansible.builtin.copy:

			




	
	
	
		
 
        dest: /etc/sudoers.d/passwordless-sudo

			




	
	
	
		
 
        content: '%sudo   ALL=(ALL:ALL) NOPASSWD: ALL'

			




	
	
	
		
 
        owner: root

			




	
	
	
		
 
        group: root

			




	
	
	
		
 
        mode: '0440'

			




	
	
	
		
 
      tags: users

			




	
	
	
		
 

			




	
	
	
		
 
    - name: Reload SSHD

			




	
	
	
		
 
      ansible.builtin.service:

			




	
	
	
		
 
        name: "sshd"

			




	
	
	
		
 
        state: "reloaded"

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        Server instance: saturn-2952997
    
    
        This site is powered by
            Kallithea,
        which is
        © 2010–2021 by various authors & licensed under GPLv3.
            – Support