diff options
-rw-r--r-- | group_vars/all | 3 | ||||
-rw-r--r-- | group_vars/dev-cloud | 6 | ||||
-rw-r--r-- | roles/ssh-ldap/templates/ansible_sudoers | 3 |
3 files changed, 9 insertions, 3 deletions
diff --git a/group_vars/all b/group_vars/all index e29666fc..295c8747 100644 --- a/group_vars/all +++ b/group_vars/all @@ -4,3 +4,6 @@ secrets_dir: secrets install_base: /srv apache_user: www-data + +sudo_groups: + - infrastructure diff --git a/group_vars/dev-cloud b/group_vars/dev-cloud index 53288fd5..2c9092b4 100644 --- a/group_vars/dev-cloud +++ b/group_vars/dev-cloud @@ -3,6 +3,6 @@ login_groups: sudoers: - andy.doan - - martin.stadtler - - christian.allen - - yazen.ghannam + +sudo_groups: + - dev-cloud-admins diff --git a/roles/ssh-ldap/templates/ansible_sudoers b/roles/ssh-ldap/templates/ansible_sudoers index 0f063f8b..5e769128 100644 --- a/roles/ssh-ldap/templates/ansible_sudoers +++ b/roles/ssh-ldap/templates/ansible_sudoers @@ -2,3 +2,6 @@ {% for user in sudoers %} {{user}} ALL=(ALL:ALL) ALL {% endfor %} +{% for group in sudo_groups %} +%{{group}} ALL=(ALL:ALL) ALL +{% endfor %} |