Skip to content

weareinteractive/ansible-sudo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

163 Commits

defaults

defaults

 
 

meta

meta

 
 

tasks

tasks

 
 

templates/etc/sudoers.d

templates/etc/sudoers.d

 
 

tests

tests

 
 

vars

vars

 
 

.ansible-lint

.ansible-lint

 
 

.clog.toml

.clog.toml

 
 

.editorconfig

.editorconfig

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

CHANGELOG.md

CHANGELOG.md

 
 

LICENSE

LICENSE

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

Repository files navigation

Ansible weareinteractive.sudo role

Build Status Galaxy GitHub Tags GitHub Stars

weareinteractive.sudo is an Ansible role which:

  • installs sudo
  • configures sudo

Note:

Since Ansible Galaxy supports organization now, this role has moved from franklinkim.sudo to weareinteractive.sudo!

Installation

Using ansible-galaxy:

$ ansible-galaxy install weareinteractive.sudo

Using requirements.yml:

- src: weareinteractive.sudo

Using git:

$ git clone https://github.com/weareinteractive/ansible-sudo.git weareinteractive.sudo

Dependencies

  • Ansible >= 2.5

Variables

Here is a list of all the default variables for this role, which are also available in defaults/main.yml.

---
# sudo_defaults:
#  - defaults: env_reset
#  - name: user1
#    defaults: requiretty
# sudo_users:
#  - name: '%group1'
#  - name: 'bar'
#    nopasswd: yes
#  - name: '%group2'
#    commands: '/bin/ls'
#  - name: '%group3'
#    commands:
#      - /bin/ls
#      - /bin/df
#  - name: '%group4'
#    hosts: 127.0.0.1

# package name (version)
sudo_package: sudo
# list of username or %groupname
sudo_users: []
# list of username or %groupname and their defaults
sudo_defaults: []
# default sudoers file
sudo_sudoers_file: ansible
# path of the sudoers.d directory
sudo_sudoers_d_path: /etc/sudoers.d
# delete other files in `sudo_sudoers_d_path`
purge_other_sudoers_files: no

Usage

This is an example playbook:

---

- hosts: all
  become: yes
  roles:
    - weareinteractive.sudo
  vars:
    sudo_defaults:
      - defaults: env_reset
      - defaults: secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
      - name: 'user1'
        defaults: 'requiretty'
      - name: '%group1'
        defaults: '!requiretty'
    sudo_users:
      - name: 'user1'
      - name: 'user2'
        nopasswd: yes
      - name: '%group1'
        hosts: 127.0.0.1
      - name: '%group2'
        commands: '/bin/ls'
      - name: '%group3'
        commands:
          - '/usr/bin/ls'
          - '/usr/bin/df'
          - '/usr/bin/mailq'
      - name: '%group4'
        users: 'user1,user2'
        groups: 'group1,group2'
    purge_other_sudoers_files: yes

Testing

$ git clone https://github.com/weareinteractive/ansible-sudo.git
$ cd ansible-sudo
$ make test

Contributing

In lieu of a formal style guide, take care to maintain the existing coding style. Add unit tests and examples for any new or changed functionality.

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request

Note: To update the README.md file please install and run ansible-role:

$ gem install ansible-role
$ ansible-role docgen

License

Copyright (c) We Are Interactive under the MIT license.

About

Ansible role which installs and configures sudo

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

41 stars

Watchers

7 watching

Forks

45 forks
Report repository

Releases

25 tags

Packages

No packages published

Contributors 19

+ 5 contributors

Languages