---

- name: creating user {{ username }} in wheel group (RHEL/CentOS/Fedora)
  user:
    name: "{{ username }}"
    password: "{{ pwgen | password_hash('sha512') }}"
    state: present
    shell: /bin/bash
    groups: wheel
    append: yes
    generate_ssh_key: yes
    ssh_key_bits: 2048
    ssh_key_file: .ssh/id_rsa
    update_password: on_create
  register: user_created

- name: enable nopasswd sudo (RHEL/CentOS/Fedora)
  lineinfile:
    dest: /etc/sudoers
    regexp: '^%wheel'
    line: "%wheel       ALL=(ALL)       NOPASSWD: ALL"
    state: present
    validate: 'visudo -cf %s'