aboutsummaryrefslogtreecommitdiff
path: root/ansible/roles/common
diff options
context:
space:
mode:
authorQuentin <quentin@deuxfleurs.fr>2020-02-16 20:05:47 +0100
committerQuentin <quentin@deuxfleurs.fr>2020-02-16 20:05:47 +0100
commitea32facca263f3b3b5e12dd3193625d2ac2b7b9e (patch)
treea2fe6cd9a6e4b556fb49a209074c4ef2a96a64cc /ansible/roles/common
parentcbd12c18779e6ecb0587ba06c256ffb930f35e67 (diff)
downloadinfrastructure-ea32facca263f3b3b5e12dd3193625d2ac2b7b9e.tar.gz
infrastructure-ea32facca263f3b3b5e12dd3193625d2ac2b7b9e.zip
Safer Ansible
Diffstat (limited to 'ansible/roles/common')
-rw-r--r--ansible/roles/common/tasks/main.yml9
1 files changed, 9 insertions, 0 deletions
diff --git a/ansible/roles/common/tasks/main.yml b/ansible/roles/common/tasks/main.yml
index 3ffc105..b4d00bb 100644
--- a/ansible/roles/common/tasks/main.yml
+++ b/ansible/roles/common/tasks/main.yml
@@ -40,3 +40,12 @@
- strace
- sudo
state: present
+
+- name: "Passwordless sudo"
+ lineinfile:
+ path: /etc/sudoers
+ state: present
+ regexp: '^%sudo'
+ line: '%sudo ALL=(ALL) NOPASSWD: ALL'
+ validate: 'visudo -cf %s'
+