From f01b1dc9a9ddd66b38c86696fdbb63099f7d540c Mon Sep 17 00:00:00 2001
From: Simon Cornet <simon@simoncor.net>
Date: Sat, 14 Dec 2024 11:12:56 +0100
Subject: [PATCH] [usermanagement] feat: allow drone to use systemctl on
 revproxies

---
 templates/usermanagement/sudoers.d/sudoers.j2 | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/templates/usermanagement/sudoers.d/sudoers.j2 b/templates/usermanagement/sudoers.d/sudoers.j2
index 5732797..d528155 100644
--- a/templates/usermanagement/sudoers.d/sudoers.j2
+++ b/templates/usermanagement/sudoers.d/sudoers.j2
@@ -15,19 +15,19 @@ drone packer.siempie.internal=(root) NOPASSWD:/usr/local/bin/packer *
 drone registry.siempie.internal=(root) NOPASSWD:/usr/bin/docker *
 {% endif %}
 {% if inventory_hostname == 'rp01.siempie.internal' %}
-drone rp01.siempie.internal=(simon) NOPASSWD:/usr/bin/rclone *
-drone rp01.siempie.internal=(simon) NOPASSWD:/usr/bin/systemctl reload nginx
-drone rp01.siempie.internal=(simon) NOPASSWD:/usr/bin/systemctl status nginx
+drone rp01.siempie.internal=(root) NOPASSWD:/usr/bin/rclone *
+drone rp01.siempie.internal=(root) NOPASSWD:/usr/bin/systemctl reload nginx
+drone rp01.siempie.internal=(root) NOPASSWD:/usr/bin/systemctl status nginx
 {% endif %}
 {% if inventory_hostname == 'rp02.siempie.internal' %}
-drone rp02.siempie.internal=(simon) NOPASSWD:/usr/bin/rclone *
-drone rp01.siempie.internal=(simon) NOPASSWD:/usr/bin/systemctl reload nginx
-drone rp01.siempie.internal=(simon) NOPASSWD:/usr/bin/systemctl status nginx
+drone rp02.siempie.internal=(root) NOPASSWD:/usr/bin/rclone *
+drone rp01.siempie.internal=(root) NOPASSWD:/usr/bin/systemctl reload nginx
+drone rp01.siempie.internal=(root) NOPASSWD:/usr/bin/systemctl status nginx
 {% endif %}
 {% if inventory_hostname == 'wireguard.do.simoncor.net' %}
-drone wireguard.do.simoncor.net=(simon) NOPASSWD:/usr/bin/rclone *
-drone rp01.siempie.internal=(simon) NOPASSWD:/usr/bin/systemctl reload nginx
-drone rp01.siempie.internal=(simon) NOPASSWD:/usr/bin/systemctl status nginx
+drone wireguard.do.simoncor.net=(root) NOPASSWD:/usr/bin/rclone *
+drone rp01.siempie.internal=(root) NOPASSWD:/usr/bin/systemctl reload nginx
+drone rp01.siempie.internal=(root) NOPASSWD:/usr/bin/systemctl status nginx
 {% endif %}
 {% else %}
 {% if sudo_pwless == False %}