First Ansible Role on Galaxy

Posted by Robert Brightling on Tue 29 November 2016

I've just submitted my first Ansible role to galaxy.

The role is to manage sudo and sudoers; it can be found at:

There are already a number of existing roles which do the same tasks; however, I created my own for a number of reasons:

Firstly, I tried to be as unopinionated as possible. I found many roles didn't give access to all the options or would purposely only allow you to configure the role in a set way, such as using sudoers.d only for configuration.

Secondly, many only have the concept of adding sudo to a system. I like the idea of having the system also clean up after itself; I mimicked the Ansible state of present to install and absent to remove the role from the client.

I also want roles to be fully managed, meaning that it has total control over all files. For example, a user could add a file into the sudoers.d directory. We might then revoke this users permissions from the sudoers configuration; however, they still have access via the sudoers.d configuration file they created, if this directory is not managed by the roles.

But mostly I created my own to get a better concept of creating a full role, I've created roles previously at work which just do the very limit of what is required.

From making the role I feel I gained a much fuller understand of sudo. It really required me to read the documentation thoroughly and make sure I understood how each option worked. This is the main reason I think it has been a really good practise and will endeavour to create more roles myself.

tags: ansible