#SPDX-License-Identifier: MIT-0
---
# tasks file for user_add

- name: Add admin user {{ username }}
  ansible.builtin.user:
    name: "{{ username }}"
    comment: "{{ fullname }}"
    groups: sudo
    create_home: true
    shell: /bin/bash

- name: Create passwordless sudo
  lineinfile:
    path: /etc/sudoers.d/{{ username }}

    line: '"{{ username }}" ALL=(ALL) NOPASSWD:ALL'
    state: present
    create: true

- name: Add pubkey for new admin user {{ username }}
  authorized_key:
    user: "{{ username }}"
    state: present
    key: "{{ lookup( 'file', ssh_pubkey ) }}"