---
- name: Ensure group exists
  become: true
  ansible.builtin.group:
    name: "{{ rsync_mirror_user_group }}"
    state: present

- name: Ensure user exists
  become: true
  ansible.builtin.user:
    name: "{{ rsync_mirror_user }}"
    group: "{{ rsync_mirror_user_group }}"
    create_home: false

- name: Ensure user is added to sudoers
  become: true
  community.general.sudoers:
    name: "users-sudo-{{ rsync_mirror_user }}"
    state: present
    user: "{{ rsync_mirror_user }}"
    commands: ALL # TODO einschränken?
    nopassword: true