---
# task/create_user file for provision_management_user
- name: "Create group {{ provision_management_user_group }}"
  ansible.builtin.group:
    name: "{{ provision_management_user_group }}"
    state: present
    system: "{{ provision_management_user_is_system }}"

- name: "Create user {{ provision_management_user_name }}"
  ansible.builtin.user:
    name: "{{ provision_management_user_name }}"
    comment: "Management user"
    password: "{{ provision_management_user_password }}"
    group: "{{ provision_management_user_group }}"
    home: "{{ provision_management_user_home }}"
    shell: "{{ provision_management_user_shell }}"
    system: "{{ provision_management_user_is_system }}"
    create_home: true

- name: "Add user to sudoers"
  community.general.sudoers:
    name: "{{ provision_management_user_name }}"
    user: "{{ provision_management_user_name }}"
    commands: ALL
    nopassword: true
    setenv: true
  when: provision_management_user_sudoer