---
- include: packages.yml
- include: git-repos.yml
- include: rsyncd.yml

- name: create user maesto
  user:
    name: maesto
    shell: /bin/bash
    state: present

- name: install ssh public key of maesto
  authorized_key:
    user: maesto
    state: present
    exclusive: yes
    key: "{{ lookup('file', 'maesto.pub') }}"

- name: configure passwordless sudo access
  template:
    src: "sudoers-maesto.j2"
    dest: "/etc/sudoers.d/maesto"
    owner: root
    group: root
    mode: '0440'
    validate: "/usr/sbin/visudo -cf %s"