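fredrik@tf-ansible-boss:~/ansible$ cat users.yml
---
# Creates the personal admin account, grants it passwordless sudo, sets the
# root password and installs SSH public keys on every host in the inventory.
- name: Create a user with sudo privileges
  hosts: all
  vars_files:
    # Presumably an ansible-vault encrypted file that defines user_password;
    # confirm it is encrypted before committing it.
    - vault.yml
  become: true
  tasks:
    - name: Create a personal user
      user:
        name: fredrik  # Replace with desired username
        # Reference the variable, not a quoted literal: with quotes the
        # account password would be the fixed string 'user_password'.
        # No salt is passed, so the hash differs on every run and the task
        # always reports "changed".
        password: "{{ user_password | password_hash('sha512') }}"
        shell: /bin/bash
        state: present

    - name: Add user to sudo group
      user:
        name: fredrik  # Replace with the same username
        groups: sudo  # On Debian/Ubuntu; for CentOS/RHEL, use 'wheel'
        # Keep existing supplementary groups instead of replacing them.
        append: true

    - name: Allow passwordless sudo for the user (Debian/Ubuntu)
      lineinfile:
        path: /etc/sudoers
        state: present
        # Anchor on the full user name so an entry for e.g. 'fredrik2' is
        # never rewritten by this task.
        regexp: '^fredrik\s'
        # The rule must name the same account as the tasks above; a
        # placeholder name here would hand NOPASSWD root to whichever
        # account carries that name. Hosts already configured with the
        # placeholder line keep it until it is removed separately.
        # NOPASSWD:ALL is unrestricted root without re-authentication.
        line: 'fredrik ALL=(ALL) NOPASSWD:ALL'
        # visudo rejects a syntactically broken file before it is installed.
        validate: '/usr/sbin/visudo -cf %s'

    - name: set root password
      user:
        name: root
        # NOTE(review): root receives the same secret as the personal
        # account; a separate vault variable would keep one leaked
        # password from exposing both.
        password: "{{ user_password | password_hash('sha512') }}"
        shell: /bin/bash
        state: present

    - name: add SSH public keys to user
      authorized_key:
        user: fredrik
        # The pipe lookup runs on the control node. Every *.pub file in that
        # directory becomes an accepted login key, so keep its contents
        # under review.
        key: "{{ lookup('pipe','cat ./files/ssh_public_keys/*.pub') }}"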