From cc52d995345cd679936a9f4c85dee62847287c26 Mon Sep 17 00:00:00 2001
From: Simon Cornet <simon@simoncor.net>
Date: Sat, 14 Dec 2024 11:06:31 +0100
Subject: [PATCH] [usermanagement] feat: allow drone to use systemctl on
 revproxies

---
 templates/usermanagement/sudoers.d/sudoers.j2 | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/templates/usermanagement/sudoers.d/sudoers.j2 b/templates/usermanagement/sudoers.d/sudoers.j2
index a94aea0..5732797 100644
--- a/templates/usermanagement/sudoers.d/sudoers.j2
+++ b/templates/usermanagement/sudoers.d/sudoers.j2
@@ -16,12 +16,18 @@ drone registry.siempie.internal=(root) NOPASSWD:/usr/bin/docker *
 {% endif %}
 {% if inventory_hostname == 'rp01.siempie.internal' %}
 drone rp01.siempie.internal=(simon) NOPASSWD:/usr/bin/rclone *
+drone rp01.siempie.internal=(simon) NOPASSWD:/usr/bin/systemctl reload nginx
+drone rp01.siempie.internal=(simon) NOPASSWD:/usr/bin/systemctl status nginx
 {% endif %}
 {% if inventory_hostname == 'rp02.siempie.internal' %}
 drone rp02.siempie.internal=(simon) NOPASSWD:/usr/bin/rclone *
+drone rp01.siempie.internal=(simon) NOPASSWD:/usr/bin/systemctl reload nginx
+drone rp01.siempie.internal=(simon) NOPASSWD:/usr/bin/systemctl status nginx
 {% endif %}
 {% if inventory_hostname == 'wireguard.do.simoncor.net' %}
 drone wireguard.do.simoncor.net=(simon) NOPASSWD:/usr/bin/rclone *
+drone rp01.siempie.internal=(simon) NOPASSWD:/usr/bin/systemctl reload nginx
+drone rp01.siempie.internal=(simon) NOPASSWD:/usr/bin/systemctl status nginx
 {% endif %}
 {% else %}
 {% if sudo_pwless == False %}