summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--roles/essential/tasks/main.yml1
-rw-r--r--roles/essential/tasks/sudo.yml17
2 files changed, 18 insertions, 0 deletions
diff --git a/roles/essential/tasks/main.yml b/roles/essential/tasks/main.yml
index 111e718..87be2e5 100644
--- a/roles/essential/tasks/main.yml
+++ b/roles/essential/tasks/main.yml
@@ -1,2 +1,3 @@
- ansible.builtin.include_tasks: roles/essential/tasks/packages.yml
- ansible.builtin.include_tasks: roles/essential/tasks/users.yml
+- ansible.builtin.include_tasks: roles/essential/tasks/sudo.yml
diff --git a/roles/essential/tasks/sudo.yml b/roles/essential/tasks/sudo.yml
new file mode 100644
index 0000000..422c023
--- /dev/null
+++ b/roles/essential/tasks/sudo.yml
@@ -0,0 +1,17 @@
+- name: Install sudo
+ ansible.builtin.package:
+ name:
+ - sudo
+ state: present
+
+- name: Allow wheel group to use sudo
+ ansible.builtin.lineinfile:
+ dest: /etc/sudoers
+ state: present
+ regexp: '^(# )?%wheel ALL=\(ALL:ALL\) NOPASSWD: ALL'
+ insertafter: '^# %wheel ALL=\(ALL:ALL\) NOPASSWD: ALL'
+ line: '%wheel ALL=(ALL:ALL) NOPASSWD: ALL'
+ validate: "visudo -cf %s"
+ owner: root
+ group: root
+ mode: u+r,g+r,o-rwx
generated by cgit v1.2.3-70-g09d2 (git 2.49.0) at 2025-04-28 19:31:52 +0000