From f549ca07bd801986dc0e17448de702d79bd1be6f Mon Sep 17 00:00:00 2001
From: "Kenneth Benzie (Benie)"
Date: Mon, 7 Nov 2022 14:16:19 +0000
Subject: [PATCH] Add sudo role for Unix systems
---
 Unix.yaml | 2 ++
 roles/sudo/tasks/main.yaml | 12 ++++++++++++
 roles/sudo/templates/sudoers | 1 +
 3 files changed, 15 insertions(+)
 create mode 100644 roles/sudo/tasks/main.yaml
 create mode 100644 roles/sudo/templates/sudoers
diff --git a/Unix.yaml b/Unix.yaml
index c1606a9..3a1796b 100644
--- a/Unix.yaml
+++ b/Unix.yaml
@@ -7,6 +7,8 @@
 - role: tmux
 - role: system-info
 when: '"WSL" not in ansible_kernel'
+ - role: sudo
+ when: ansible_user_id != "root"
 - role: ag
 - role: bat
diff --git a/roles/sudo/tasks/main.yaml b/roles/sudo/tasks/main.yaml
new file mode 100644
index 0000000..d7b07cc
--- /dev/null
+++ b/roles/sudo/tasks/main.yaml
@@ -0,0 +1,12 @@
+---
+- assert:
+ that: ansible_user_id != "root"
+
+- name: create /etc/sudoers.d/{user} config file
+ become: true
+ template:
+ src: sudoers
+ dest: '/etc/sudoers.d/{{ansible_user_id}}'
+ owner: root
+ group: root
+ mode: '0440'
diff --git a/roles/sudo/templates/sudoers b/roles/sudo/templates/sudoers
new file mode 100644
index 0000000..f034056
--- /dev/null
+++ b/roles/sudo/templates/sudoers
@@ -0,0 +1 @@
+{{ansible_user_id}} ALL=(ALL) NOPASSWD:ALL
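Review bot: The `template` task in roles/sudo/tasks/main.yaml writes into /etc/sudoers.d with no syntax check, so a rendering that sudo rejects is installed as-is and can leave sudo unusable on the host. Adding `validate: 'visudo -cf %s'` under `template:` makes Ansible check the rendered temporary file before it replaces the destination. The destination name comes from `ansible_user_id`, and sudo skips include-directory files whose names contain a `.` or end in `~`, so for an account name with a dot the file would be written but never read; a sanitised name such as `dest: "/etc/sudoers.d/{{ ansible_user_id | replace('.', '_') }}"` avoids that. `group: root` presumably fails on hosts where gid 0 is named `wheel` (macOS, the BSDs), if Unix.yaml is run against them.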
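Review bot: `NOPASSWD:ALL` on `ALL=(ALL)` in roles/sudo/templates/sudoers makes the account root-equivalent with no re-authentication, so anything running as that user can become root without a password, and the role offers no way to opt out. Making the tag opt-in keeps the convenience where it is wanted, for example `{{ ansible_user_id }} ALL=(ALL) {{ 'NOPASSWD:' if sudo_nopasswd | default(false) else '' }}ALL`, where `sudo_nopasswd` is a suggested new role variable and not one the role defines today. A first line `# {{ ansible_managed }}` would also mark the file as generated, so that a later audit of /etc/sudoers.d can tell where the rule came from.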