Restructured code for personas

roles/backup-provider-user/tasks/main.yml

@@ -0,0 +1,47 @@
+- name: create backup user
+  user:
+    name: backup
+    create_home: yes
+  when: run_once_backups_provider_user is not defined
+
+- name: create .ssh directory
+  file:
+    path: /home/backup/.ssh
+    state: directory
+    owner: backup
+    group: backup
+    mode: '0700'
+  when: run_once_backups_provider_user is not defined
+
+- name: create /home/backup/.ssh/authorized_keys
+  template:
+    src: "authorized_keys.j2"
+    dest: /home/backup/.ssh/authorized_keys
+    owner: backup
+    group: backup
+    mode: '0644'
+  when: run_once_backups_provider_user is not defined
+
+- name: create /home/backup/ssh-wrapper.sh
+  copy:
+    src: "ssh-wrapper.sh"
+    dest: /home/backup/ssh-wrapper.sh
+    owner: backup
+    group: backup
+    mode: '0700'
+  when: run_once_backups_provider_user is not defined
+
+- name: grant backup sudo rights
+  copy:
+    src: "backup"
+    dest: /etc/sudoers.d/backup
+    mode: '0644'
+    owner: root
+    group: root
+  notify: sshd restart
+  when: run_once_backups_provider_user is not defined
+  
+- name: run the backups_provider_user tasks once
+  set_fact:
+    run_once_backups_provider_user: true
+  when: run_once_backups_provider_user is not defined