From 7ec59f8c52f4cf8126ad548208c68c7c1f10d204 Mon Sep 17 00:00:00 2001
From: "Kenneth Benzie (Benie)" <benie@infektor.net>
Date: Mon, 7 Nov 2022 14:16:19 +0000
Subject: [PATCH] Add sudo role for Unix systems

---
 Unix.yaml                    |  3 +++
 roles/sudo/tasks/main.yaml   | 12 ++++++++++++
 roles/sudo/templates/sudoers |  1 +
 3 files changed, 16 insertions(+)
 create mode 100644 roles/sudo/tasks/main.yaml
 create mode 100644 roles/sudo/templates/sudoers

diff --git a/Unix.yaml b/Unix.yaml
index c1606a9..72a3b1b 100644
--- a/Unix.yaml
+++ b/Unix.yaml
@@ -2,6 +2,9 @@
 - hosts: localhost
 
   roles:
+    - role: sudo
+      when: ansible_user_id != "root"
+
     - role: zsh
     - role: neovim
     - role: tmux
diff --git a/roles/sudo/tasks/main.yaml b/roles/sudo/tasks/main.yaml
new file mode 100644
index 0000000..d7b07cc
--- /dev/null
+++ b/roles/sudo/tasks/main.yaml
@@ -0,0 +1,12 @@
+---
+- assert:
+    that: ansible_user_id != "root"
+
+- name: create /etc/sudoers.d/{user} config file
+  become: true
+  template:
+    src: sudoers
+    dest: '/etc/sudoers.d/{{ansible_user_id}}'
+    owner: root
+    group: root
+    mode: '0440'
diff --git a/roles/sudo/templates/sudoers b/roles/sudo/templates/sudoers
new file mode 100644
index 0000000..f034056
--- /dev/null
+++ b/roles/sudo/templates/sudoers
@@ -0,0 +1 @@
+{{ansible_user_id}}	ALL=(ALL)	NOPASSWD:ALL