- group:
    name: admin
    state: present

- name: Passwordless sudo for admins
  lineinfile: dest=/etc/sudoers line="%admin  ALL=(ALL:ALL) NOPASSWD:ALL"

- include: users.yml

- name: common | install packages
  apt: pkg={{ item }} state=latest update_cache=yes
  with_items:
     - curl
     - htop
     - molly-guard
     - sudo
     - tree
     - vim
     - python-simplejson

- name: sshd_config
  file:
    src: files/sshd_config
    dest: /etc/ssh/sshd_config
    mode: 0644
    owner: root
    group: root

    #- name: Load secrets file
    #  include_vars:
    #      file: secrets/password_list.yml