43 lines
2.2 KiB
Django/Jinja
43 lines
2.2 KiB
Django/Jinja
{% if __user['username'] == 'drone' %}
|
|
{% if inventory_hostname == 'ansible.siempie.internal' %}
|
|
drone ansible.siempie.internal=(root) NOPASSWD:/usr/bin/git -C /etc/ansible *
|
|
drone ansible.siempie.internal=(root) NOPASSWD:/usr/bin/git -C /etc/ansible/roles/common *
|
|
drone ansible.siempie.internal=(root) NOPASSWD:/usr/local/bin/ansible-galaxy install -r /etc/ansible/ansible_requirements.yaml
|
|
drone ansible.siempie.internal=(root) NOPASSWD:/usr/local/bin/ansible-playbook *
|
|
{% endif %}
|
|
{% if inventory_hostname == 'mgmt01.infra.vpn.mirahsimon.us' %}
|
|
drone mgmt01.siempie.internal=(simon) NOPASSWD:/usr/local/bin/kubectl *
|
|
drone mgmt01.siempie.internal=(root) NOPASSWD:/usr/local/bin/kubectl *
|
|
drone mgmt01.siempie.internal=(root) NOPASSWD:/usr/local/bin/helm *
|
|
drone mgmt01.siempie.internal=(root) NOPASSWD:/usr/bin/git *
|
|
{% endif %}
|
|
{% if inventory_hostname == 'packer.siempie.internal' %}
|
|
drone packer.siempie.internal=(root) NOPASSWD:/usr/bin/git -C /mnt/packer *
|
|
drone packer.siempie.internal=(root) NOPASSWD:/usr/local/bin/packer *
|
|
{% endif %}
|
|
{% if inventory_hostname == 'registry.siempie.internal' %}
|
|
drone registry.siempie.internal=(root) NOPASSWD:/usr/bin/docker *
|
|
{% endif %}
|
|
{% if inventory_hostname == 'rp01.siempie.internal' %}
|
|
drone rp01.siempie.internal=(root) NOPASSWD:/usr/bin/rclone *
|
|
drone rp01.siempie.internal=(root) NOPASSWD:/usr/bin/systemctl reload nginx
|
|
drone rp01.siempie.internal=(root) NOPASSWD:/usr/bin/systemctl status nginx
|
|
{% endif %}
|
|
{% if inventory_hostname == 'rp02.siempie.internal' %}
|
|
drone rp02.siempie.internal=(root) NOPASSWD:/usr/bin/rclone *
|
|
drone rp02.siempie.internal=(root) NOPASSWD:/usr/bin/systemctl reload nginx
|
|
drone rp02.siempie.internal=(root) NOPASSWD:/usr/bin/systemctl status nginx
|
|
{% endif %}
|
|
{% if inventory_hostname == 'wireguard.do.simoncor.net' %}
|
|
drone wireguard.do.simoncor.net=(root) NOPASSWD:/usr/bin/rclone *
|
|
drone rp01.siempie.internal=(root) NOPASSWD:/usr/bin/systemctl reload nginx
|
|
drone rp01.siempie.internal=(root) NOPASSWD:/usr/bin/systemctl status nginx
|
|
{% endif %}
|
|
{% else %}
|
|
{% if sudo_pwless == False %}
|
|
{{ __user['username'] }} ALL=(ALL) ALL
|
|
{% endif %}
|
|
{% if sudo_pwless == True %}
|
|
{{ __user['username'] }} ALL=(ALL) NOPASSWD: ALL
|
|
{% endif %}
|
|
{% endif %}
|