build

roles/init/tasks/main.yml

@@ -24,10 +24,10 @@
         append: true
       when: group_check is succeeded
 
-    - name: Give deploy sudo access
+    - name: Give jd passwordless sudo
-      ansible.builtin.copy:
+      copy:
         dest: /etc/sudoers.d/jd
-        content: "jd ALL=(ALL:ALL) ALL\n"
+        content: "jd ALL=(ALL) NOPASSWD:ALL\n"
         owner: root
         group: root
         mode: '0440'
@@ -36,6 +36,7 @@
       ansible.builtin.user:
         name: root
         password: "{{ jd_password | password_hash('sha512') }}"
+
     - name: Update become password for subsequent tasks
       ansible.builtin.set_fact:
         ansible_become_password: "{{ jd_password }}"