Add create user and sudo

Choux.yml

@@ -8,3 +8,4 @@
   tasks:
     - include: tasks/arch_base_packages.yml
     - include: tasks/users.yml
+    - include: tasks/sudo.yml

files/sudoers

@@ -0,0 +1,12 @@
+root  ALL=(ALL) ALL
+%sudo ALL=(ALL) ALL
+
+# Allow the build user access to pacman. This user can't be accessed without
+# being in the sudo group, anyway.
+makepkg ALL=NOPASSWD: /usr/bin/pacman *
+
+# If you managed to run malicious code as my user, I'm already fucked, so err
+# on the side of usability.
+{% for user in deploy_users %}
+{{ user }} ALL=(ALL) NOPASSWD:ALL
+{% endfor %}

tasks/sudo.yml

@@ -0,0 +1,23 @@
+---
+- name: Install sudo
+  pacman:
+    name: sudo
+    state: present
+
+- name: Configure sudoers
+  template: 
+    src: files/sudoers 
+    dest: /etc/sudoers
+    mode: 0440
+
+- name: Create sudo group
+  group: 
+    name: sudo
+    state: present
+
+- name: Add local user to sudo group
+  user: 
+    name: {{ item }}
+    groups: sudo 
+    append: yes
+    with_items: '{{ deploy_users }}'

tasks/users.yml

@@ -1,2 +1,8 @@
 ---
+- name: Add users
+  user:
+    name: "{{ username }}" 
+    password: "{{ password }}" 
+    shell: /bin/zsh
+  with_items: "{{ users }}"
 

vars/common.yml

@@ -1,8 +1,8 @@
 ---
 
 users:
-  - { username: 'lafrite', passworld: ''}
-  - { username: 'waha', passworld: ''}
+  - { username: 'lafrite', password: '$6$OnPrZgotbSWZlh0T$VSyF8lUhD/N881d1GsggE7jDFt0uAzls2r.pqgDV6XQKbTqZWfv0X4QWd/3wivUDyzaSjP4LQWVfne7KYR6Vv1'}
+  - { username: 'waha', password: '$6$tQLlZ3lI/NDcT3.C$VCBzrpNxDgOK7b2que2/BnAYWl.zKVugZrQEPxtsq3iWcskEzQ1NvytZRXkB4GCDa/xEohxiodyCaZyFnhxby1'}
 
 deploy_users:
   - waha