ref(playbook): Change to role-based structure

roles/user/tasks/main.yaml

@@ -0,0 +1,27 @@
+- name: Enable sudo access for "wheel" group
+  ansible.builtin.copy:
+    content: "%wheel ALL=(ALL) ALL"
+    dest: "/etc/sudoers.d/10-wheel"
+    owner: root
+    group: root
+    mode: 0644
+    force: true
+  tags: sudo
+
+- name: Ensure all desired user groups exist
+  ansible.builtin.group:
+    name: "{{ item }}"
+    state: present
+  loop: "{{ user_groups }}"
+
+- name: Add primary user
+  ansible.builtin.user:
+    name: "{{ user_name }}"
+    password: "{{ user_pass | password_hash('sha512', '{{ user_pass_salt}}') }}"
+    create_home: true
+    shell: "/bin/{{ user_shell }}"
+    group: "{{ user_name }}"
+    groups: "{{ user_groups }}"
+    generate_ssh_key: true
+  tags:
+    - passlib