---

- name: (sudoers.yml) update specific sudoers configuration files (/etc/sudoers.d/)
  template:
    src: etc/sudoers.d/50-user.j2
    dest: /etc/sudoers.d/50-user
    validate: visudo -cf %s
    owner: root
    group: root
    mode: 0440
  tags:
    - sudoers-file-configuration

- name: (sudoers.yml) update global sudoers configuration file
  template:
    src: etc/sudoers.j2
    dest: /etc/sudoers
    owner: root
    group: root
    mode: 0440
    validate: visudo -cf %s
  tags:
    - sudoers-global-configuration

#- name: (sudoers.yml) Ensure all sudo_users are in sudo group
#  user:
#    name: "{{ item }}"
#    groups: sudo
#    append: yes
#  with_items: "{{ sudo_users }}"
#  tags:
#    - sudo-users