From 4ae0ea68865cfbd32e842696707d6d919ba9ffe1 Mon Sep 17 00:00:00 2001
From: Tunui Franken <tfranken@protonmail.com>
Date: Sun, 23 Mar 2025 19:18:33 +0100
Subject: [PATCH] Minor fixes

---
 roles/add_cert_http_01/tasks/main.yml |  3 +++
 roles/common/tasks/main.yml           | 10 ++++++++++
 2 files changed, 13 insertions(+)

diff --git a/roles/add_cert_http_01/tasks/main.yml b/roles/add_cert_http_01/tasks/main.yml
index 6629ecd..9825916 100644
--- a/roles/add_cert_http_01/tasks/main.yml
+++ b/roles/add_cert_http_01/tasks/main.yml
@@ -55,6 +55,9 @@
     mode: 0640
   notify: Reload nftables service
 
+- name: Make sure nftables is reloaded
+  ansible.builtin.meta: flush_handlers
+
 - name: Set letsencrypt http-01 challenge argv
   ansible.builtin.set_fact:
     letsencrypt_http_01_challenge_argv:
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 1ce0b10..fb3b17b 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -50,3 +50,13 @@
     owner: root
     group: root
   notify: Restart sshd service
+
+- name: Copy sudoers file for root without password
+  become: true
+  ansible.builtin.copy:
+    content: "{{ ansible_user_id }} ALL=(ALL) NOPASSWD: ALL"
+    dest: "/etc/sudoers.d/{{ ansible_user_id }}"
+    owner: root
+    group: root
+    mode: 0440
+    validate: 'visudo -cf %s'