Add sudoers.yml

2025-07-20 18:58:45 +02:00
parent 330f8a0a51
commit 3a12b06140
1 changed files with 29 additions and 0 deletions
--- a/sudoers.yml
+++ b/sudoers.yml
@@ -0,0 +1,29 @@
+---
+- name: Configure visudo for secure sudoers
+  hosts: all
+  become: yes
+  tasks:
+    - name: Allow admin group passwordless sudo
+      copy:
+        dest: /etc/sudoers.d/admin
+        content: "%{{ ansible_user }} ALL=(ALL) NOPASSWD:ALL"
+        owner: root
+        group: root
+        mode: '0440'
+
+##For a specific user
+
+---
+- name: Add linuxadmin to sudoers
+  hosts: all
+  become: yes
+  tasks:
+    - name: Ensure linuxadmin can sudo without a password
+      lineinfile:
+        path: /etc/sudoers
+        state: present
+        regexp: '^linuxadmin'
+        line: 'linuxadmin ALL=(ALL) NOPASSWD: ALL'
+        validate: 'visudo -cf %s'
+
+#Just replace linuxadmin with the user you want to add to the sudo group.