12 lines
375 B
YAML
12 lines
375 B
YAML
|
|
---
|
||
|
|
- name: Grant the AI-worker user passwordless sudo (ADR-015 amended / ADR-021)
|
||
|
|
ansible.builtin.copy:
|
||
|
|
content: "{{ base__ai_worker_user }} ALL=(ALL) NOPASSWD:ALL\n"
|
||
|
|
dest: "/etc/sudoers.d/{{ base__ai_worker_user }}-ai-worker"
|
||
|
|
owner: root
|
||
|
|
group: root
|
||
|
|
mode: "0440"
|
||
|
|
validate: "visudo -cf %s"
|
||
|
|
when: base__ai_worker_user | length > 0
|
||
|
|
tags: [users]
|