I've just submitted my first Ansible role to galaxy.
The role is to manage sudo and sudoers; it can be found at:
There are already a number of existing roles which do the same tasks; however, I created my own for a number of reasons:
Firstly, I tried to be as unopinionated as possible. I found many roles didn't give access to all the options or would purposely only allow you to configure the role in a set way, such as using sudoers.d only for configuration.
Secondly, many only have the concept of adding sudo to a system. I like the idea of having the system also clean up after itself; I mimicked the Ansible state of present to install and absent to remove the role from the client.
I also want roles to be fully managed, meaning that it has total control over all files. For example, a user could add a file into the sudoers.d directory. We might then revoke this users permissions from the sudoers configuration; however, they still have access via the sudoers.d configuration file they created, if this directory is not managed by the roles.
But mostly I created my own to get a better concept of creating a full role, I've created roles previously at work which just do the very limit of what is required.
From making the role I feel I gained a much fuller understand of sudo. It really required me to read the documentation thoroughly and make sure I understood how each option worked. This is the main reason I think it has been a really good practise and will endeavour to create more roles myself.