---
# Tasks for setting custom facts.
- name: "Setting custom facts."
  ansible.builtin.set_fact:
    enable_cloudinit: "{{ enable_cloudinit | default('false') }}"

# Tasks for creating the local group for Ansible.
- name: "Creating the local group for Ansible."
  ansible.builtin.group:
    name: "{{ ansible_username }}"

# Tasks for creating the sudo group.
- name: "Creating the sudo group."
  ansible.builtin.group:
    name: sudo

# Tasks for creating the local user for Ansible.
- name: "Creating the local user for Ansible."
  ansible.builtin.user:
    name: "{{ ansible_username }}"
    group: "{{ ansible_username }}"
    groups: sudo
    password: '!'
    shell: /bin/bash

# Tasks for managing the authorized keys for the local users.
- name: "Managing the authorized keys for the local users."
  ansible.posix.authorized_key:
    user: "{{ item.user }}"
    key: "{{ item.key }}"
  loop:
    - user: "{{ ansible_username }}"
      key: "{{ ansible_key }}"
    - user: "{{ build_username }}"
      key: "{{ build_key }}"
  no_log: true

# Tasks for managing sudoers.d for the local users.
- name: "Managing sudoers.d for the local users."
  community.general.sudoers:
    name: "{{ item }}"
    user: "{{ item }}"
    commands: ALL
  loop:
    - "{{ build_username }}"
    - "{{ ansible_username }}"