3 changed files with 30 additions and 63 deletions
--- a/README.md
+++ b/README.md
@ -22,12 +22,6 @@ users:
  - vagrant
 sudoers:
  - vagrant
-# Will install a specific Ansible version on the target host
-ensure_ansible_version: 2.10.3
-# Allow sudo with a password (applied to group sudo)
-enable_sudo: yes
-# Allow passwordless sudo (applied to group wheel)
-enable_passwordless_sudo: yes
 ```

 Dependencies
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -11,6 +11,4 @@ users:
  - vagrant
 sudoers:
  - vagrant
-ensure_ansible_version: 2.10.3
-enable_sudo: yes
-enable_passwordless_sudo: yes
+ensure_ansible_version: 2.10.3
--- a/tasks/users.yml
+++ b/tasks/users.yml
@ -5,40 +5,31 @@
    - sudo
  when: ansible_facts['os_family'] == 'FreeBSD'

+- name: 'Allow wheel group to do passwordless sudo'
+  lineinfile:
+    dest: /usr/local/etc/sudoers
+    state: present
+    regexp: '^%wheel'
+    line: '%wheel ALL=(ALL) NOPASSWD:ALL'
+    validate: visudo -cf %s
+  when: ansible_facts['os_family'] == 'FreeBSD'
+
+- name: 'Allow wheel group to do passwordless sudo'
+  lineinfile:
+    dest: /etc/sudoers
+    state: present
+    regexp: '^%wheel'
+    line: '%wheel ALL=(ALL) NOPASSWD:ALL'
+    validate: visudo -cf %s
+  when:
+    - ansible_facts['os_family'] in ['Debian', 'Archlinux']
+
 - name: 'Create users with corresponding groups'
  user:
    name: "{{ item }}"
    groups: users
  with_items: "{{ users }}"

- block:
-    - name: 'Ensure that sudo group is existing'
-      group:
-        name: sudo
-        state: present
-
-    - name: 'Allow sudo group to do sudo'
-      lineinfile:
-        dest: "{{ lookup('first_found', files, errors='ignore') }}"
-        state: present
-        regexp: '^#?\s*%sudo'
-        line: '%sudo   ALL=(ALL) ALL'
-        validate: visudo -cf %s
-      vars:
-        files:
-          - /etc/sudoers
-          - /usr/local/etc/sudoers # e.g. FreeBSD
-
-    - name: 'Add sudoers user to sudo group'
-      user:
-        name: "{{ item }}"
-        groups: sudo
-        append: yes
-      with_items: "{{ sudoers }}"
-  when:
-    - enable_sudo
-    - not enable_passwordless_sudo
-
 - name: 'Add corresponding authorized_keys to each user'
  authorized_key:
    user: "{{ item }}"
@ -47,33 +38,17 @@
  with_items: "{{ users }}"
  ignore_errors: yes

- block:
-    - name: 'Ensure that wheel group is existing'
-      group:
-        name: wheel
-        state: present
+- name: 'Ensure that wheel group is existing'
+  group:
+    name: wheel
+    state: present

-    - name: 'Add sudoers user to wheel group'
-      user:
-        name: "{{ item }}"
-        groups: wheel
-        append: yes
-      with_items: "{{ sudoers }}"
-
-    - name: 'Allow wheel group to do passwordless sudo'
-      lineinfile:
-        dest: "{{ lookup('first_found', files, errors='ignore') }}"
-        state: present
-        regexp: '^%wheel'
-        line: '%wheel ALL=(ALL) NOPASSWD:ALL'
-        validate: visudo -cf %s
-      vars:
-        files:
-          - /etc/sudoers
-          - /usr/local/etc/sudoers # e.g. FreeBSD
-  when:
-    - enable_sudo
-    - enable_passwordless_sudo
+- name: 'Add sudoers user to wheel group'
+  user:
+    name: "{{ item }}"
+    groups: wheel
+    append: yes
+  with_items: "{{ sudoers }}"

 - name: Copy tmux config
  copy: