Hi,
I am migrating to a new architecture and I have provisioned my servers with an ansible playbook. I am also using ansible to deploy my source code.
I want to be able to reload nginx when the configuration change without having to :
* give sudo rights on ALL commands to the deploy user
* having to pass a become-pass in the command line
In my previous installation, I was doing everything manually and I had added this settings to allow my deployment user to reload the nginx configuration :
deploy ALL(ALL) NOPASSWD: /usr/local/sbin/nginx -t, /usr/local/sbin/nginx -s reload
How can I have the same feature with Ansible ? Or what is the command which is executed when we use the service module and the state reloaded ?
Right now, I have this error :
sshpass -d15 ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=deploy -o ConnectTimeout=10 -o ControlPath=/home/deploy/.ansible/cp/ansible-ssh-%h-%p-%r -tt x.x.x.x '/bin/bash -c '"'"'sudo -H -S -n -u root /bin/bash -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-lttadeaqujrmkjjfqaswosxpazzwmsoj; /usr/bin/python /home/deploy/.ansible/tmp/ansible-tmp-1485445894.86-256748839860893/systemd.py; rm -rf "/home/deploy/.ansible/tmp/ansible-tmp-1485445894.86-256748839860893/" > /dev/null 2>&1'"'"'"'"'"'"'"'"' && sleep 0'"'"''
fatal: [x.x.x.x]: FAILED! => {
"changed": false,
"failed": true,
"invocation": {
"module_args": {
"name": "nginx",
"state": "reloaded"
},
"module_name": "service"
},
"module_stderr": "Shared connection to x.x.x.x closed.\r\n",
"module_stdout": "sudo: a password is required\r\n",
"msg": "MODULE FAILURE"
}
Note that I am provisioning a CentOS 7.3 server with Ansible 2.2.1.
Thanks