design.md 501 B
Context
ansible.cfg has become = True in [privilege_escalation], applying sudo to all plays globally. The localhost play only creates local directories and renders a template — it doesn't need root access.
Goals / Non-Goals
Goals:
- Allow the localhost play to run without sudo
Non-Goals:
- No changes to global become settings (server plays still need root)
Decisions
Add become: false to the localhost play. This overrides the global setting for this specific play.