From 4a7e0f7d96ee33e3d28cb9ca578f25d293b1bad9 Mon Sep 17 00:00:00 2001
From: Tyler Hale <tyler@haletek.com>
Date: Thu, 9 Sep 2021 15:18:11 -0600
Subject: [PATCH] Adding step to set NOPASSWD for the wheel group

---
 roles/base/tasks/core.yml      |  8 ++++++++
 roles/base/tasks/core_sudo.yml | 10 ++++++++++
 2 files changed, 18 insertions(+)
 create mode 100644 roles/base/tasks/core_sudo.yml

diff --git a/roles/base/tasks/core.yml b/roles/base/tasks/core.yml
index ceeda15..e245b86 100644
--- a/roles/base/tasks/core.yml
+++ b/roles/base/tasks/core.yml
@@ -35,6 +35,14 @@
   tags:
   - ssh
 
+- name: "*** SUDO Configuration ***"
+  include_tasks:
+    file: core_sudo.yml
+    apply:
+      tags: sudo
+  tags:
+  - sudo
+
 - name: "*** Generate Self-Signed Cert ***"
   include_tasks:
     file: core_cert.yml
diff --git a/roles/base/tasks/core_sudo.yml b/roles/base/tasks/core_sudo.yml
new file mode 100644
index 0000000..420b265
--- /dev/null
+++ b/roles/base/tasks/core_sudo.yml
@@ -0,0 +1,10 @@
+---
+# file: roles/base/tasks/core_sudo.yml
+
+- name: Enabled passwordless sudo
+  lineinfile:
+    path: /etc/sudoers
+    state: present
+    regexp: '^%wheel'
+    line: '%wheel ALL=(ALL) NOPASSWD: ALL'
+    validate: 'visudo -cf %s'