User tasks

main.yml

+- hosts: planb
+  become: true
+  vars_files:
+    - vars/users.yml
+  pre_tasks:
+    - name: Update repositories
+      apt: update_cache=yes
+      changed_when: False
+
+  tasks:
+    - include: tasks/apt.yml
+    - include: tasks/users.yml
+

tasks/apt.yml

+- name: Install debian packages.
+  apt:
+    name: [ 'openssh-server',
+            'tigervnc-standalone-server',
+            'xfce4',
+            'autocutsel',
+            'curl',
+            'wget',
+            'gzip',
+            'atop',
+            'git' ]
+  tags: upd-pack
+
+
+

tasks/createhosts.yml

+- hosts: localhost
+  vars:
+    digital_ocean_token: "{{ lookup('env','DO_API_TOKEN') }}"
+    droplet_size: c-4cpu-8gb
+    droplet_region: ams3
+    droplet_image: ubuntu-20-04-x64
+  tasks:
+  
+  - name: "add public ssh key to digitalocean account"
+    digital_ocean_sshkey:
+      name: "tier key"
+      oauth_token: "{{ digital_ocean_token }}"
+      ssh_pub_key: "{{lookup('file', '~/.ssh/id_rsa.pub') }}"
+      state: present
+    register: sshkey_result
+
+  - name: create a new droplet assigning the key
+    digital_ocean_droplet:
+      name: "{{ item }}"
+      oauth_token: "{{ digital_ocean_token }}"
+      size: "{{ droplet_size }}"
+      region: "{{ droplet_region }}"
+      image: "{{ droplet_image }}"
+      wait_timeout: 600
+      unique_name: yes
+      ssh_keys: ["{{ sshkey_result.data.ssh_key.id }}"]      
+      state: present
+    with_inventory_hostnames:
+      - plan_b
+    register: droplet_result
+
+  - name: save ip and hostname to local hosts file /etc/hosts
+    become: yes
+    lineinfile:
+      path: meta/planb.hosts
+      regexp: '.*{{ item.data.droplet.name }}$'
+      line: "{{ item.data.ip_address }}  {{ item.data.droplet.name }}"
+    with_items: "{{ droplet_result.results }}"

tasks/users.yml

+- name: Make big disk group
+  group:
+    name: scratch
+    state: present
+
+- name: Add normal users.
+  user:
+    name: "{{ item.login }}"
+    comment: "{{ item.name }}"
+    groups: adm , cdrom , dip , plugdev , scratch
+    generate_ssh_key: yes
+    update_password: on_create
+  loop: "{{ users }}"
+  when: not item.sudo
+
+- name: Add normal sudo users.
+  user:
+    name: "{{ item.login }}"
+    comment: "{{ item.name }}"
+    generate_ssh_key: yes
+    groups: sudo , adm , cdrom , dip , plugdev , scratch
+    update_password: on_create
+  loop: "{{ users }}"
+  when: item.sudo
+
+- name: Add SSH pub keys to authorized_keys.
+  authorized_key:
+    user: "{{ item['login'] }}"
+    key: "{{ item['sshkey'] }}"
+    exclusive: yes
+  ignore_errors: yes
+  when: item.sshkey
+  loop: "{{ users }}"

vars/users.yml

+users:
+  - login: ecitk
+    displ: 1
+    sudo: yes
+    name: Todor
+    sshkey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCvodoKak1YZDw/psy6XYT/dFKvZkeIwwFexwQPVtH36tOpexVFXLQ0fYpSzQiQdejnCzLlaMFUAQCqotKObp7ByKlEHsacxUtq4XxddufX67XV3jQuvitr51x9JDxaa0XpG0uZpN4uYNV9ievWiF2ZTBxS6+SZM7eKuLjhJPafwltWzZxGiBjm1/HP7IExSpGhgvdaoEspozNBWrm9ILGF1s957jsiq/+5cbXyY3Z37Js2ByyA1eM9Zmhai/5dzhwzqQuOvGVFHSNmJEjL+ZmQtpLqaq5o8YvSUu/jL7ZMe58Ppx3sbuCW0bGJ4NwJi1yankKEdotPiu1rjrfcN2hSg8rTLx+qJ3i7vBH3jgyS54K4Jfob1lbEwpE2OeBwiY9mcJbuMOsj7MS9vYzrVYACymbS+cLprEm5Wr7Rdy5jx23p1YMHFqmFUWZFs1Esa0wOGPwnaDUxTQWk3HtA8nah8p92F55yqPfGNL3eH8h0tPMsQDBms0jxQak10lvQa5Skdd5Jte8JHg6H0jbTuFZoXrIynqUxttdKCHPYcRt/YsFB5iXT1JqCe0ftVTYYb9/2rNJHQnTQ5zfaGXuCoT6aJmR7bWy7jhsGlxuDyON1bVTw8Sq0DGXZPmAwhZAqGwnhs0YDYH+VTtZA1fgY5EXQmafC8UPYExY9WKeNgCo22w== user@machine"
+  - login: ecies
+    sudo: no
+    displ: 2
+    sshkey: no
+    name: Emma
+