---
- name: Bootstrap base systems
  hosts: tamriel
  remote_user: root
  vars:
    users:
    - login: pawel
      groups: ['sudo', 'remote_access', 'docker']
      pubkey: "{{ lookup('file', '/home/pawel/.ssh/id_rsa.pub') }}"
      shell: /bin/bash
    - login: ansible_worker
      groups: ['sudo', 'remote_access', 'docker']
      pubkey: "{{ lookup('file', '/home/pawel/.ssh/id_rsa.pub') }}"
      shell: /bin/bash
  roles:
  - base_users
  tasks:
  - name: Allow paswordless sudo
    lineinfile:
      dest: /etc/sudoers
      state: present
      insertafter: "^%sudo"
      line: "ansible_worker\tALL=(ALL:ALL) NOPASSWD: ALL"
      validate: '/usr/sbin/visudo -cf %s'
  #    line: "%sudo ALL=(ALL) NOPASSWD: ALL"