Loading templates/usermanagement/sudoers.d/sudoers.j2 +14 −14 Original line number Diff line number Diff line {% if __user['username'] == 'drone' %} {% if inventory_hostname == 'ansible.siempie.internal' %} drone ansible.siempie.internal=(root) NOPASSWD:/usr/bin/git -C /etc/ansible * drone ansible.siempie.internal=(root) NOPASSWD:/usr/bin/git -C /etc/ansible/roles/common * drone ansible.siempie.internal=(root) NOPASSWD:/usr/local/bin/ansible-galaxy * drone ansible.siempie.internal=(root) NOPASSWD:/usr/local/bin/ansible-playbook * drone ansible.siempie.internal=(root) NOPASSWD:SETENV:/usr/bin/sh * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/bin/git -C /etc/ansible * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/bin/git -C /etc/ansible/roles/common * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/local/bin/ansible-galaxy * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/local/bin/ansible-playbook * drone {{ inventory_hostname }}=(root) NOPASSWD:SETENV:/usr/bin/sh * {% endif %} {% if inventory_hostname == 'mgmt01.siempie.internal' %} drone mgmt01.siempie.internal=(simon) NOPASSWD:/usr/local/bin/kubectl * drone mgmt01.siempie.internal=(root) NOPASSWD:/usr/local/bin/kubectl * drone mgmt01.siempie.internal=(root) NOPASSWD:/usr/local/bin/helm * drone mgmt01.siempie.internal=(root) NOPASSWD:/usr/bin/git * drone {{ inventory_hostname }}=(simon) NOPASSWD:/usr/local/bin/kubectl * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/local/bin/kubectl * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/local/bin/helm * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/bin/git * {% endif %} {% if inventory_hostname == 'packer01.siempie.internal' %} drone packer.siempie.internal=(root) NOPASSWD:/usr/bin/git -C /mnt/packer * drone packer.siempie.internal=(root) NOPASSWD:/usr/local/bin/packer * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/bin/git -C /mnt/packer * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/local/bin/packer * {% endif %} {% if inventory_hostname == 'wireguard.do.simoncor.net' %} drone wireguard.do.simoncor.net=(root) NOPASSWD:/usr/bin/rclone * drone wireguard.do.simoncor.net=(root) NOPASSWD:/usr/bin/systemctl reload nginx drone wireguard.do.simoncor.net=(root) NOPASSWD:/usr/bin/systemctl status nginx drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/bin/rclone * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/bin/systemctl reload nginx drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/bin/systemctl status nginx {% endif %} {% else %} {% if sudo_pwless == False %} Loading Loading
templates/usermanagement/sudoers.d/sudoers.j2 +14 −14 Original line number Diff line number Diff line {% if __user['username'] == 'drone' %} {% if inventory_hostname == 'ansible.siempie.internal' %} drone ansible.siempie.internal=(root) NOPASSWD:/usr/bin/git -C /etc/ansible * drone ansible.siempie.internal=(root) NOPASSWD:/usr/bin/git -C /etc/ansible/roles/common * drone ansible.siempie.internal=(root) NOPASSWD:/usr/local/bin/ansible-galaxy * drone ansible.siempie.internal=(root) NOPASSWD:/usr/local/bin/ansible-playbook * drone ansible.siempie.internal=(root) NOPASSWD:SETENV:/usr/bin/sh * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/bin/git -C /etc/ansible * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/bin/git -C /etc/ansible/roles/common * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/local/bin/ansible-galaxy * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/local/bin/ansible-playbook * drone {{ inventory_hostname }}=(root) NOPASSWD:SETENV:/usr/bin/sh * {% endif %} {% if inventory_hostname == 'mgmt01.siempie.internal' %} drone mgmt01.siempie.internal=(simon) NOPASSWD:/usr/local/bin/kubectl * drone mgmt01.siempie.internal=(root) NOPASSWD:/usr/local/bin/kubectl * drone mgmt01.siempie.internal=(root) NOPASSWD:/usr/local/bin/helm * drone mgmt01.siempie.internal=(root) NOPASSWD:/usr/bin/git * drone {{ inventory_hostname }}=(simon) NOPASSWD:/usr/local/bin/kubectl * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/local/bin/kubectl * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/local/bin/helm * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/bin/git * {% endif %} {% if inventory_hostname == 'packer01.siempie.internal' %} drone packer.siempie.internal=(root) NOPASSWD:/usr/bin/git -C /mnt/packer * drone packer.siempie.internal=(root) NOPASSWD:/usr/local/bin/packer * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/bin/git -C /mnt/packer * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/local/bin/packer * {% endif %} {% if inventory_hostname == 'wireguard.do.simoncor.net' %} drone wireguard.do.simoncor.net=(root) NOPASSWD:/usr/bin/rclone * drone wireguard.do.simoncor.net=(root) NOPASSWD:/usr/bin/systemctl reload nginx drone wireguard.do.simoncor.net=(root) NOPASSWD:/usr/bin/systemctl status nginx drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/bin/rclone * drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/bin/systemctl reload nginx drone {{ inventory_hostname }}=(root) NOPASSWD:/usr/bin/systemctl status nginx {% endif %} {% else %} {% if sudo_pwless == False %} Loading
