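---
# Playbook: create a login account on root_host, add it to the sudo group,
# install one SSH public key for it, and grant it passwordless sudo.
#
# Inputs read from vars/user-vars.yml: username, password, path_to_ssh_key.
# NOTE(review): that file carries the account password, presumably in clear
# text. Keep it encrypted with Ansible Vault and out of version control.
- name: Configure system
  hosts: root_host
  become: true
  vars_files:
    - vars/user-vars.yml
  tasks:
    - name: Create a user
      user:
        name: "{{ username }}"
        # Jinja delimiters do not nest. Writing '{{ password }}' inside an
        # expression makes it a string literal, so the filter hashes that
        # literal text instead of the variable's value and every account gets
        # the same password. Pipe the variable itself into the filter.
        # No salt is passed, so a new one is generated on each run and the
        # task reports "changed" every time. Pass a fixed salt or set
        # update_password: on_create if that is not wanted.
        password: "{{ password | password_hash('sha512') }}"
        shell: /bin/bash
        state: present

    - name: Add user to sudoers group
      user:
        name: "{{ username }}"
        groups: sudo
        # append keeps the user's existing supplementary groups.
        append: true

    # Assumes the home directory is /home/<username> - TODO confirm for
    # accounts created with a non-default home.
    - name: Ensure .ssh directory exists for user
      file:
        path: "/home/{{ username }}/.ssh"
        state: directory
        owner: "{{ username }}"
        group: "{{ username }}"
        mode: '0700'

    - name: Append SSH public key to authorized_keys
      lineinfile:
        path: "/home/{{ username }}/.ssh/authorized_keys"
        # The key is read from the control node, not from the managed host.
        line: "{{ lookup('file', path_to_ssh_key) }}"
        create: true
        owner: "{{ username }}"
        group: "{{ username }}"
        mode: '0600'
        state: present

    # NOPASSWD:ALL means whoever holds this user's SSH key has root on the
    # host without any further prompt. Narrow the command list or drop
    # NOPASSWD if unattended root is not required.
    # validate runs visudo against the candidate file before it replaces
    # /etc/sudoers, so a syntax error cannot lock sudo out.
    - name: Add user to sudoers for passwordless sudo
      lineinfile:
        path: /etc/sudoers
        state: present
        regexp: '^{{ username }} ALL=\(ALL\) NOPASSWD:ALL'
        line: '{{ username }} ALL=(ALL) NOPASSWD:ALL'
        validate: 'visudo -cf %s'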