Add the admin role

roles/admin/README.md

@@ -0,0 +1,25 @@
+# Admin
+
+Create an admin user that is added to the `sudo` group.
+
+## Role Variables
+
+* `admin_become` - Default: true. Enable/disable the Ansible become
+  functionality.
+* `admin_become_user` - Default: root. When using become functionality for
+  privilege escalation, this is the user with desired privileges you become.
+* `admin_user` - Username of the admin account.
+* `admin_password` - Password of the admin account.
+* `admin_key_file` - Path to the ssh public key of the admin account.
+
+## Example Playbook
+
+```yaml
+- hosts: my-server
+  vars:
+    admin_user: administrator
+    admin_password: the_secret_password
+    admin_key_file: /path/to/ssh/key.pub
+  roles:
+    - eriol.kit.admin
+```

roles/admin/defaults/main.yml

@@ -0,0 +1,3 @@
+---
+admin_become: true
+admin_become_user: root

roles/admin/tasks/main.yml

@@ -0,0 +1,24 @@
+---
+- block:
+
+  - name: ensure sudo is installed
+    apt:
+      name: sudo
+      state: present
+      update_cache: true
+      cache_valid_time: 3600
+
+  - name: ensure admin user ({{ admin_user }}) exists
+    user:
+      name: "{{ admin_user }}"
+      password: "{{ admin_password | password_hash('sha512') }}"
+      groups: sudo
+
+  - name: set authorized key for the admin user ({{ admin_user }})
+    authorized_key:
+      user: "{{ admin_user }}"
+      key: "{{ lookup('file', admin_key_file) }}"
+      state: present
+
+  become: "{{ admin_become }}"
+  become_user: "{{ admin_become_user }}"