---
- name: Butter Base
  hosts: all
  become: true
  tasks:
    - name: Ensure butter_user user exists
      ansible.builtin.user:
        name: "{{ butter_user }}"
        state: present

    - name: Ensure butter_user group exists
      ansible.builtin.group:
        name: "{{ butter_user }}"
        state: present

    - name: Add butter user to sudo group
      ansible.builtin.user:
        name: "{{ butter_user }}"
        groups: sudo
        append: true

    - name: Allow passwordless sudo for butter user
      ansible.builtin.lineinfile:
        path: /etc/sudoers
        state: present
        regexp: "^{{ butter_user }}"
        line: "{{ butter_user }} ALL=(ALL) NOPASSWD:ALL"
        validate: '/usr/sbin/visudo -cf %s'

    - name: Make sure /etc/resolv.conf is populated
      ansible.builtin.lineinfile:
        path: /etc/resolv.conf
        regexp: '^nameserver 1.1.1.1'
        line: 'nameserver 1.1.1.1'
        state: present
        insertafter: EOF
        create: true
        owner: root
        group: root
        mode: '0644'