technolog/ansible
1
0
Fork 0
Code Issues Pull Requests Activity

sudo doas add rights

Browse Source
This commit is contained in:
iRaven
2025-09-02 01:07:14 -05:00
parent 14219402a5
commit f646dca6b7
1 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
linux/compliance.yaml
View File

@@ -99,6 +99,17 @@
line: 'ansible ALL=(ALL) NOPASSWD: ALL' line: 'ansible ALL=(ALL) NOPASSWD: ALL'
state: present state: present
validate: 'visudo -cf %s' validate: 'visudo -cf %s'
when: "ansible_distribution != 'Alpine'"
# Give ansible doas rights with no password required.
- name: Add doas rights with no password for deployment user (Alpine only)
lineinfile:
dest: /etc/doas.conf
regexp: '^ansible'
line: 'permit keepenv nopass :ansible'
state: present
validate: 'doas -C %s'
when: "ansible_distribution == 'Alpine'"
# # Configure firewalld (if installed) to be disabled (especially if an internal server.) Firewall rules are managed by UniFi. # # Configure firewalld (if installed) to be disabled (especially if an internal server.) Firewall rules are managed by UniFi.
# - name: Stop and disable firewalld. # - name: Stop and disable firewalld.