- name: create administrator user: name: administrator update_password: on_create password: "{{ user_administrator_initial_password | password_hash('sha512') }}" create_home: yes generate_ssh_key: yes ssh_key_type: rsa ssh_key_bits: 8192 when: run_once_user_administrator is not defined - name: "set correct rights for {{path_administrator_home}}" file: path: "{{path_administrator_home}}" state: directory owner: administrator group: administrator mode: 0700 when: run_once_user_administrator is not defined - name: "create {{path_administrator_scripts}}" file: path: "{{path_administrator_home}}scripts" state: directory owner: administrator group: administrator mode: 0700 when: run_once_user_administrator is not defined - name: create {{path_administrator_home}}.ssh/authorized_keys copy: src: "{{ inventory_dir }}/files/{{ inventory_hostname }}{{path_administrator_home}}.ssh/authorized_keys" dest: "{{path_administrator_home}}.ssh/authorized_keys" owner: administrator group: administrator mode: '0644' when: run_once_user_administrator is not defined - name: grant administrator sudo rights with password copy: src: "administrator" dest: /etc/sudoers.d/administrator mode: '0644' owner: root group: root notify: sshd restart when: run_once_user_administrator is not defined - name: run the user_administrator tasks once set_fact: run_once_user_administrator: true when: run_once_user_administrator is not defined