cicd/playbooks/roles/set-users/tasks/main.yml

---
# tasks file for set-users
- name: Create new user
  ansible.builtin.user:
    name: "{{ main_user }}"
    create_home: yes
    shell: /bin/bash
    password: "{{ user_password| password_hash('sha512') }}"

- name: Add user to groups
  ansible.builtin.user:
    name: "{{ main_user }}"
    groups: "{{ server_groups }}"
    append: yes

- name: Configure sudo to allow passwordless access for  user
  become_user: root
  lineinfile:
    path: /etc/sudoers.d/ansible_nopasswd
    create: yes
    line: "{{ main_user }} ALL=(ALL) NOPASSWD: ALL"
    validate: "/usr/sbin/visudo -cf %s"
    mode: "0440"
    state: present
v0.1 2025-07-20 14:53:12 +03:00			`---`
			`# tasks file for set-users`
			`- name: Create new user`
			`ansible.builtin.user:`
			`name: "{{ main_user }}"`
			`create_home: yes`
			`shell: /bin/bash`
			`password: "{{ user_password\| password_hash('sha512') }}"`

			`- name: Add user to groups`
			`ansible.builtin.user:`
			`name: "{{ main_user }}"`
			`groups: "{{ server_groups }}"`
			`append: yes`

			`- name: Configure sudo to allow passwordless access for user`
			`become_user: root`
			`lineinfile:`
			`path: /etc/sudoers.d/ansible_nopasswd`
			`create: yes`
			`line: "{{ main_user }} ALL=(ALL) NOPASSWD: ALL"`
			`validate: "/usr/sbin/visudo -cf %s"`
			`mode: "0440"`
			`state: present`