Enable doas become plugin for non AD members

The new servers that are not members of the AD domain use `doas` instead of `sudo`.
2024-11-25 21:59:54 -06:00 · 2024-11-25 21:59:54 -06:00 · d2e8b9237f
parent bc7e7c2475
commit d2e8b9237f
2 changed files with 10 additions and 0 deletions
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@ -1,9 +1,17 @@
+ansible_become_method: community.general.doas
+ansible_become_password: unused
+
 managed_users:
 - name: dustin
  comment: Dustin C. Hatch
  uid: 3000016
  groups:
  - wheel
+- name: jenkins
+  comment: Jenkins
+  uid: 3000018
+  groups:
+  - wheel

 doas_authorized_ssh_keys: |
  sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIF4yQAS0bAQ9Ymxgxv828MsX0z4ff/Fs//0PQOtPexRJAAAABHNzaDo= dustin@rosalina.pyrocufflink.blue
--- a/group_vars/pyrocufflink/main.yml
+++ b/group_vars/pyrocufflink/main.yml
@ -1,3 +1,5 @@
+ansible_become_method: sudo
+
 krb5_realm: PYROCUFFLINK.BLUE
 samba_security: ads
 samba_use_winbind: true