---

- name: Install sudo
  apt: name=sudo state=installed

- name: Set-up the Ansible group
  group: name=ansible system=yes

- name: Set-up the Ansible user
  user: name=ansible system=yes group=ansible shell=/bin/bash

- name: Set-up authorized key for the Ansible user
  authorized_key: user=ansible key="{{ ansible_key }}"

- name: Set-up password-less sudo for the ansible user
  copy: src=ansible_sudo dest=/etc/sudoers.d/ansible mode=640 owner=root group=root

- name: Revoke rights for Ansible user to log-in as root to server via ssh
  authorized_key: user=root key="{{ ansible_key }}" state=absent

- name: Explicitly run all handlers
  include: ../handlers/main.yml
  when: "handlers | default(False) | bool() == True"
  tags:
    - handlers