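---
# Provisions the service account named by svc_acct_name: creates the user,
# adds it to the distribution's admin group, grants passwordless sudo, and
# installs the public keys listed in svc_acct_keys.
#
# The paths below assume the account's home directory is /home/<svc_acct_name>.

- name: Add Local User
  ansible.builtin.user:
    name: "{{ svc_acct_name }}"
    comment: General Service Account
    # The password is locked; the only credentials this file installs are the
    # SSH public keys added by the last task.
    password_lock: true
    shell: "/bin/bash"
    create_home: true

# The user module creates the named account when it does not exist, so a
# hard-coded name here could leave a second account in wheel whenever
# svc_acct_name is set to something else. Use the variable, as every other
# task in this file does.
- name: Wheel Group
  when: ansible_facts['os_family'] == "RedHat"
  ansible.builtin.user:
    name: "{{ svc_acct_name }}"
    groups: wheel
    append: true

# NOTE(review): this matches the Ubuntu distribution only, while the task
# above matches the whole RedHat family. Other Debian-family hosts get no
# admin group here. Confirm that is intended.
- name: Sudo Group
  when: ansible_facts['distribution'] == "Ubuntu"
  ansible.builtin.user:
    name: "{{ svc_acct_name }}"
    groups: sudo
    append: true

# NOTE(review): NOPASSWD: ALL gives the account unrestricted root without a
# password prompt, so anyone holding one of the authorised private keys is
# effectively root on the host. Consider limiting the rule to the commands the
# service needs and moving it to a drop-in under /etc/sudoers.d. The validate
# step keeps a syntactically broken sudoers file from being installed.
- name: Make servicelink sudo Passwordless
  ansible.builtin.lineinfile:
    path: /etc/sudoers
    state: present
    line: "{{ svc_acct_name }} ALL=(ALL) NOPASSWD: ALL"
    validate: '/usr/sbin/visudo -cf %s'

- name: "Make .ssh dir"
  ansible.builtin.file:
    path: "/home/{{ svc_acct_name }}/.ssh/"
    state: directory
    owner: "{{ svc_acct_name }}"
    group: "{{ svc_acct_name }}"
    mode: "0700"

# Without an explicit state the file module only adjusts an existing path and
# fails when authorized_keys is absent, which is the case for a newly created
# account. Touch the file so it exists with the right owner and mode, and
# preserve the timestamps so repeated runs do not report a change.
- name: Make Authorised Key
  ansible.builtin.file:
    path: "/home/{{ svc_acct_name }}/.ssh/authorized_keys"
    state: touch
    owner: "{{ svc_acct_name }}"
    group: "{{ svc_acct_name }}"
    mode: "0600"
    modification_time: preserve
    access_time: preserve

# Each entry in svc_acct_keys becomes a login credential for a passwordless
# sudo account, so the list should come only from reviewed inventory or vars.
# lineinfile only adds lines: a key dropped from the list stays in the file
# until it is removed separately.
- name: Add Publickey
  ansible.builtin.lineinfile:
    path: "/home/{{ svc_acct_name }}/.ssh/authorized_keys"
    line: "{{ item }}"
  loop: "{{ svc_acct_keys }}"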