From 54c704de4eb3052a7e2ee2d311935985f65c2ad1 Mon Sep 17 00:00:00 2001
From: Sandwich <sandwich@archworks.co>
Date: Sat, 21 Feb 2026 01:22:34 +0100
Subject: [PATCH] refactor(virtualization): simplify cloud-user-data sudo to
 unconditional NOPASSWD

---
 roles/virtualization/templates/cloud-user-data.yml.j2 | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/roles/virtualization/templates/cloud-user-data.yml.j2 b/roles/virtualization/templates/cloud-user-data.yml.j2
index 6e63bf4..471ef6a 100644
--- a/roles/virtualization/templates/cloud-user-data.yml.j2
+++ b/roles/virtualization/templates/cloud-user-data.yml.j2
@@ -8,9 +8,7 @@ users:
   - name: "{{ user.name }}"
     primary_group: "{{ user.name }}"
     groups: users
-{% if user.sudo | default(false) %}
-    sudo: "{{ 'ALL=(ALL) NOPASSWD:ALL' if user.sudo is sameas true else user.sudo }}"
-{% endif %}
+    sudo: "ALL=(ALL) NOPASSWD:ALL"
     passwd: "{{ user.password | password_hash('sha512') }}"
     lock_passwd: false
 {% set ssh_keys = user['keys'] | default([]) %}