-name:Add sudo groupgroup:name:"sudo"state:present# NOTE(mordred): We replace the main file rather than dropping a file in to# /etc/sudoers.d to deal with divergent base sudoers files from our distros.# We also want to change some default behavior (we want nopassword sudo, for# instance).-name:Setup sudoers filecopy:dest:/etc/sudoerssrc:sudoersowner:rootgroup:rootmode:0440-name:Setup adduser.conf filecopy:dest:/etc/adduser.confsrc:'{{ansible_facts.os_family}}/adduser.conf'owner:rootgroup:rootmode:0644-name:Setup login.defs filecopy:dest:/etc/login.defssrc:'{{ansible_facts.os_family}}/login.defs'owner:rootgroup:rootmode:0644-name:Delete default distro cloud image users# Do this in a separate task so that we can use force: yes which is# probably too destructive for normal users, but should be fine for# these built in cloud image names.loop:"{{disabled_distro_cloud_users}}"user:name:"{{item}}"state:absentremove:yesforce:yes-name:Delete old usersloop:"{{disabled_users}}"user:name:"{{item}}"state:absentremove:yes-name:Add groupsloop:"{{base_users+extra_users}}"group:name:"{{item}}"state:presentgid:"{{all_users[item].gid|default(omit)}}"when:-item in all_users-"'gid'inall_users[item]"-name:Add usersloop:"{{base_users+extra_users}}"user:name:"{{item}}"state:presentuid:"{{all_users[item].uid}}"group:"{{item}}"comment:"{{all_users[item].comment}}"groups:sudoshell:/bin/bashwhen:-item in all_users-"'uid'inall_users[item]"-name:Add ssh keys to usersloop:"{{base_users+extra_users}}"authorized_key:user:"{{item}}"state:presentkey:"{{all_users[item].key}}"exclusive:yeswhen:-item in all_users-"'key'inall_users[item]"