---

- hosts: all
  become: true

  pre_tasks:
  - name: update respository index
    tags: always
    ansible.builtin.apt:
      update_cache: true


- hosts: all
  become: true

  tasks:
  - name: create ansible user with group
    tags: always 
    ansible.builtin.user:
      name: ansible
      group: ansible

  - name: add ssh key for ansible
    tags: always 
    ansible.builtin.authorized_key:
      user: ansible
      key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOclevKIKKnVEgkVXjszax/bTfaBT9yNNfy2in2ZZoyU ansible"

  - name: add sudoers file for ansible
    tags: always 
    ansible.builtin.copy:
      src: sudoer_ansible
      dest: /etc/sudoers.d/ansible
      owner: root
      group: root
      mode: 0440