summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--group_vars/all3
-rw-r--r--group_vars/dev-cloud6
-rw-r--r--roles/ssh-ldap/templates/ansible_sudoers3
3 files changed, 9 insertions, 3 deletions
diff --git a/group_vars/all b/group_vars/all
index e29666fc..295c8747 100644
--- a/group_vars/all
+++ b/group_vars/all
@@ -4,3 +4,6 @@ secrets_dir: secrets
install_base: /srv
apache_user: www-data
+
+sudo_groups:
+ - infrastructure
diff --git a/group_vars/dev-cloud b/group_vars/dev-cloud
index 53288fd5..2c9092b4 100644
--- a/group_vars/dev-cloud
+++ b/group_vars/dev-cloud
@@ -3,6 +3,6 @@ login_groups:
sudoers:
- andy.doan
- - martin.stadtler
- - christian.allen
- - yazen.ghannam
+
+sudo_groups:
+ - dev-cloud-admins
diff --git a/roles/ssh-ldap/templates/ansible_sudoers b/roles/ssh-ldap/templates/ansible_sudoers
index 0f063f8b..5e769128 100644
--- a/roles/ssh-ldap/templates/ansible_sudoers
+++ b/roles/ssh-ldap/templates/ansible_sudoers
@@ -2,3 +2,6 @@
{% for user in sudoers %}
{{user}} ALL=(ALL:ALL) ALL
{% endfor %}
+{% for group in sudo_groups %}
+%{{group}} ALL=(ALL:ALL) ALL
+{% endfor %}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-18 18:58:11 +0000