ansible/roles/common/tasks/ansible.yml

#!/usr/bin/env ansible-playbook
# vim:ft=ansible:
- name: create ansible user
  ansible.builtin.user: name=ansible password_lock=yes
- name: configure ansible user home directory
  ansible.builtin.file: path=/home/ansible owner=ansible group=ansible
- name: configure ansible user keys
  authorized_key: user=ansible manage_dir=yes key={{ common_ansible_pubkey }}
- name: configure ansible user sudo
  ansible.builtin.lineinfile: path=/etc/sudoers line="ansible ALL=(ALL:ALL) NOPASSWD:ALL"