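---
# User management playbook.
#
# Runs against every inventory host with privilege escalation and:
#   * removes the account 'adelia' (later re-created by the sudo-group task),
#   * creates/removes accounts listed in user.conf on the control node,
#   * grants passwordless sudo to entries flagged 'super',
#   * installs an SSH public key, sets one sysctl, and exercises the
#     'pkl' group / 'syifa' user lifecycle.
#
# NOTE(review): several tasks write `NOPASSWD: ALL` rules straight into
# /etc/sudoers. Each such rule is unrestricted root without a password
# prompt; confirm each one is intended.
- name: User Management Playbook
  hosts: all
  become: true
  tasks:
    # remove: true also deletes the home directory and mail spool.
    - name: Remove user 'adelia'
      ansible.builtin.user:
        name: adelia
        state: absent
        remove: true

    # Each line of user.conf is split on ':' into user, state and role;
    # the role field marks a sudo user only when it is exactly 'super'.
    # The file is read on the control node by the 'file' lookup.
    # NOTE(review): the task name says users.conf but the lookup reads
    # user.conf; confirm which file name is correct.
    # NOTE(review): the parsed user name is later written verbatim into
    # /etc/sudoers, so user.conf must be treated as trusted input with
    # restricted write access.
    - name: Set facts from users.conf
      ansible.builtin.set_fact:
        my_users: "{{ my_users | default([]) + [ { 'user': params[0], 'state': params[1], 'super': (params[2] == 'super') } ] }}"
      loop: "{{ lookup('file', 'user.conf').splitlines() }}"
      vars:
        params: "{{ item.split(':') }}"

    # The state value comes from the file; the user module rejects
    # anything other than present/absent.
    - name: Manage users
      ansible.builtin.user:
        name: "{{ item.user }}"
        state: "{{ item.state }}"
      loop: "{{ my_users }}"

    # Only accounts that are being kept receive a sudoers rule. Without the
    # state check, an entry marked absent and 'super' would leave a
    # NOPASSWD rule behind for a deleted account name, which any account
    # later created under that name would inherit.
    # visudo -cf validates syntax before the file is replaced.
    - name: Sudo privileges for super users
      ansible.builtin.lineinfile:
        path: /etc/sudoers
        line: "{{ item.user }} ALL=(ALL) NOPASSWD: ALL"
        validate: 'visudo -cf %s'
      loop: "{{ my_users }}"
      when: item.super and item.state == 'present'

    # The key is read from /root/.ssh/id_rsa.pub on the control node, so
    # whoever holds the matching private key can log in as this user.
    # NOTE(review): 'adel' is not created anywhere in this playbook
    # (the other tasks use 'adelia'); confirm the intended account.
    - name: Add SSH key for user
      ansible.posix.authorized_key:
        user: "{{ user_name }}"
        state: present
        key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
      vars:
        user_name: adel

    # NOTE(review): this re-creates 'adelia', which the first task removed,
    # and places it in the sudo group; confirm that is the intended end
    # state.
    - name: Add user to sudo group
      ansible.builtin.user:
        name: "{{ sudo_user }}"
        groups: sudo
        append: true
        state: present
        create_home: true
      vars:
        sudo_user: adelia

    # NOTE(review): kernel.printk_ratelimit throttles kernel log messages;
    # it does not control password reuse. The task name and the setting
    # disagree, so no password-history policy is enforced by this task.
    - name: Configure password reuse policy
      ansible.posix.sysctl:
        name: 'kernel.printk_ratelimit'
        value: '10'
        state: present
        reload: true

    - name: Create group 'pkl'
      ansible.builtin.group:
        name: pkl
        state: present

    - name: Create user 'syifa' in group 'pkl'
      ansible.builtin.user:
        name: syifa
        state: present
        groups: pkl
        append: true
        shell: /bin/bash

    # regexp keeps the rule to a single line on repeated runs.
    # NOTE(review): this rule is never removed, although the group is
    # deleted at the end of the play. A stale '%pkl' rule would grant
    # passwordless root to any group later created with that name.
    - name: Add 'pkl' group to sudoers
      ansible.builtin.lineinfile:
        path: /etc/sudoers
        state: present
        regexp: '^%pkl'
        line: '%pkl ALL=(ALL) NOPASSWD: ALL'
        validate: 'visudo -cf %s'

    # groups: '' with append: false removes the user from every
    # supplementary group. The previous form (groups: pkl, append: no) set
    # the supplementary groups to exactly 'pkl', i.e. it kept the
    # membership this task is meant to remove.
    - name: Remove 'syifa' from group 'pkl'
      ansible.builtin.user:
        name: syifa
        groups: ''
        state: present
        append: false

    - name: Remove group 'pkl'
      ansible.builtin.group:
        name: pkl
        state: absent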