# Create the cn=defaults sudoRole under the SUDOers container. sudo's LDAP
# backend treats the sudoOption values on this entry as global Defaults.
#
# Review notes:
# - ldap_entry with state=present only creates a missing entry; it does not
#   reconcile the attributes of an entry that already exists. If cn=defaults
#   was edited out of band (for example an added sudoOption), this task
#   still reports ok. Use community.general.ldap_attrs with state: exact
#   when the option list has to be enforced.
# - ldap_admin_pw is a directory admin credential; source it from Ansible
#   Vault or an external secret store rather than plain inventory files.
# - start_tls only protects the bind if the server certificate is verified,
#   so leave the module's validate_certs at its default (true).
# - NOTE(review): this DN is hard-coded, while the "Admin sudo rule" task
#   builds its DN from ldap_sudo_ou. Confirm both resolve to the same
#   container, otherwise these defaults will not apply to that rule.
- name: Ensure sudo defaults entry exists
  community.general.ldap_entry:
    # Connection and bind settings, passed as ordinary module parameters
    # (equivalent to supplying them through a task-level args mapping).
    server_uri: "{{ ldap_uri }}"
    bind_dn: "{{ ldap_admin_dn }}"
    bind_pw: "{{ ldap_admin_pw }}"
    start_tls: true
    # Entry definition.
    dn: "cn=defaults,ou=SUDOers,dc=example,dc=com"
    state: present
    objectClass:
      - top
      - sudoRole
    attributes:
      cn: defaults
      sudoOption:
        - env_reset
# Publish a sudoRole that lets the "admins" group run any command on any
# host that reads this sudoers container.
#
# Review notes:
# - sudoUser "%admins" matches a group, and sudoHost / sudoCommand are both
#   ALL, so membership of that one group is the whole privilege boundary.
#   Restrict who may modify the group and this entry through directory
#   ACLs, and alert on changes to either.
# - No sudoRunAsUser or sudoOption is set on the rule, so the target user
#   and the authentication requirement come from sudo's defaults
#   (runas_default is root unless overridden).
# - ldap_entry with state=present only creates a missing entry; an existing
#   cn=admins-all with different attributes is left untouched. Use
#   community.general.ldap_attrs with state: exact to detect and correct
#   drift in sudoUser / sudoHost / sudoCommand.
# - ldap_admin_pw is a directory admin credential; source it from Ansible
#   Vault or an external secret store rather than plain inventory files.
- name: Admin sudo rule
  community.general.ldap_entry:
    # Connection and bind settings, passed as ordinary module parameters
    # (equivalent to supplying them through a task-level args mapping).
    server_uri: "{{ ldap_uri }}"
    bind_dn: "{{ ldap_admin_dn }}"
    bind_pw: "{{ ldap_admin_pw }}"
    start_tls: true
    # Entry definition.
    dn: "cn=admins-all,{{ ldap_sudo_ou }}"
    state: present
    objectClass: sudoRole
    attributes:
      cn: admins-all
      sudoUser: "%admins"
      sudoHost: ALL
      sudoCommand: ALL