roles/essential/tasks/sudo.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

- name: Install sudo
  ansible.builtin.package:
    name:
      - sudo
    state: present

- name: Allow wheel group to use sudo
  ansible.builtin.lineinfile:
    dest: /etc/sudoers
    state: present
    regexp: '^(# )?%wheel ALL=\(ALL:ALL\) NOPASSWD: ALL'
    line: '%wheel ALL=(ALL:ALL) NOPASSWD: ALL'
    validate: "visudo -cf %s"
    owner: root
    group: root
    mode: u+r,g+r,o-rwx