#!/bin/env bash

PUBKEY=./id_ansible.pub

useradd ansible --create-home --shell /bin/bash
# Ensure existing but unusable password (for Ubuntu)
usermod -p '*' ansible
mkdir /home/ansible/.ssh
chown -R ansible:ansible /home/ansible/.ssh
install -m 600 $PUBKEY /home/ansible/.ssh/authorized_keys
chmod 700 /home/ansible/.ssh
# Allow passwordless sudo
echo "ansible ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/ansible