22 lines
688 B
YAML
22 lines
688 B
YAML
---
|
|
- name: Configure NOPASSWD sudo for nomad user
|
|
hosts: nomad_clients
|
|
become: yes
|
|
tasks:
|
|
- name: Ensure sudoers.d directory exists
|
|
file:
|
|
path: /etc/sudoers.d
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: '0750'
|
|
|
|
- name: Allow nomad user passwordless sudo for required commands
|
|
copy:
|
|
dest: /etc/sudoers.d/nomad
|
|
content: |
|
|
nomad ALL=(ALL) NOPASSWD: /usr/bin/apt, /usr/bin/systemctl, /bin/mkdir, /bin/chown, /bin/chmod, /bin/mv, /bin/sed, /usr/bin/tee, /usr/sbin/usermod, /usr/bin/unzip, /usr/bin/wget
|
|
owner: root
|
|
group: root
|
|
mode: '0440'
|
|
validate: 'visudo -cf %s' |