39 lines
857 B
YAML
39 lines
857 B
YAML
---
|
|
- name: grant sudo
|
|
hosts: "{{ HOSTS | default('web') }}"
|
|
become: true
|
|
gather_facts: false
|
|
vars:
|
|
sudo_cleanup: true
|
|
|
|
tasks:
|
|
- name: Check if sudo user exists on system
|
|
getent:
|
|
database: passwd
|
|
key: "{{ sudo_user }}"
|
|
|
|
- name: create sudo rule
|
|
copy:
|
|
dest: "/etc/sudoers.d/{{ sudo_user }}"
|
|
owner: root
|
|
group: root
|
|
mode: 0640
|
|
content: "{{ sudo_user }} ALL=(ALL) NOPASSWD:ALL"
|
|
|
|
- name: install package
|
|
yum:
|
|
name: at
|
|
state: latest
|
|
|
|
- name: start service
|
|
service:
|
|
name: atd
|
|
state: started
|
|
|
|
- name: time based cleanup
|
|
at:
|
|
command: "rm /etc/sudoers.d/{{ sudo_user }}"
|
|
count: "{{ sudo_count | default('10') }}"
|
|
units: "{{ sudo_units | default('minutes') }}"
|
|
when: sudo_cleanup|bool
|