---
- name: Allow wheel to execute any command.
  lineinfile:
    path: /etc/sudeers
    state: present
    regexp: ^%wheel ALL=(ALL) ALL
    line: "%wheel ALL=(ALL) ALL"
    validate: visudo -cf %s

- name: Allow wheel to sudo without password.
  copy:
    dest: /etc/sudoers.d/00-tmp-sudo-full-access
    content: "%wheel ALL=(ALL) NOPASSWD: ALL"
    owner: root
    group: root
    mode: 0440

- name: Create user {{ user_name }}.
  user:
    name: "{{ user_name }}"
    state: present
    create_home: true
    groups: wheel
    append: true
    shell: /bin/bash

- name: Update user {{ user_name }}'s password.
  shell: |
    set -e -o pipefail
    echo {{ user_name }}:{{ user_password }} | chpasswd
  changed_when: true