---
- name: Ensure group exists
  become: true
  ansible.builtin.group:
    name: "{{ rsync_mirror_user_group }}"
    state: present

- name: Ensure user exists
  become: true
  ansible.builtin.user:
    name: "{{ rsync_mirror_user }}"
    groups:
      - "{{ rsync_mirror_user_group }}"
      - root
      - users
    create_home: true # für .ssh
    append: true

- name: Ensure user is added to sudoers
  become: true
  community.general.sudoers:
    name: "users-sudo-{{ rsync_mirror_user }}"
    state: present
    user: "{{ rsync_mirror_user }}"
    commands: ALL
    nopassword: true