From e6fad5b669df48cdefe62283bd359dcd1c134315 Mon Sep 17 00:00:00 2001 From: mohammad-ahmadi-r Date: Wed, 20 Aug 2025 06:14:47 -0400 Subject: [PATCH 1/2] added new task and optimized playbook --- part01-create-user/create-user.yml | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/part01-create-user/create-user.yml b/part01-create-user/create-user.yml index 5e5691c..bb227a9 100644 --- a/part01-create-user/create-user.yml +++ b/part01-create-user/create-user.yml @@ -1,6 +1,7 @@ --- - hosts: all become: true + gather_facts: False vars: the_user: "devops" @@ -8,7 +9,7 @@ - name: create-user user: name: "{{ the_user }}" - groups: root,wheel + groups: root shell: /bin/bash state: present create_home: yes @@ -20,9 +21,16 @@ ssh_key_bits: 2048 ssh_key_file: .ssh/id_rsa + - name: Copy local SSH public key to target + authorized_key: + user: "{{ the_user }}" + state: present + manage_dir: yes + key: "{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa.pub') }}" + - name: set password user: name: "{{ the_user }}" password: "password" password_expire_min: 14 - password_expire_max: 60 + password_expire_max: 60 \ No newline at end of file From 7c1de8b72fd1610a888f524f903a16c701308eae Mon Sep 17 00:00:00 2001 From: mohammad-ahmadi-r Date: Wed, 20 Aug 2025 06:23:59 -0400 Subject: [PATCH 2/2] rollback playbook file added --- .../ansible-learning-rollback.yml | 22 +++++++++++++++++++ part00-getting-ready/ansible.cfg | 1 + 2 files changed, 23 insertions(+) create mode 100644 part00-getting-ready/ansible-learning-rollback.yml diff --git a/part00-getting-ready/ansible-learning-rollback.yml b/part00-getting-ready/ansible-learning-rollback.yml new file mode 100644 index 0000000..65fd616 --- /dev/null +++ b/part00-getting-ready/ansible-learning-rollback.yml 
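Review bot: In the `create-user` task of part01-create-user/create-user.yml, the new `groups: root` line still puts the account in the root group, which gives it access to every file that is group-readable or group-writable by root and is not what provides sudo. The rollback playbook in patch 2/2 removes `/etc/sudoers.d/devops`, which suggests escalation is meant to come from a sudoers drop-in; if so, the `groups:` line can be dropped entirely. If supplementary groups are needed later, add `append: yes`, because without it the module replaces the user's existing supplementary groups. The task's remaining lines continue outside this hunk.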
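Review bot: The `set password` task that follows the new `authorized_key` task in create-user.yml still carries the literal `password: "password"`, which this commit leaves as it was. The `user` module expects a crypted hash in that field, so the string is written to the account's password entry unhashed, and the credential sits in the repository in clear text. Now that a public key is installed, the password task could be dropped; otherwise take the value from a vaulted variable, e.g. `password: "{{ devops_password | password_hash('sha512') }}"` (`devops_password` is a placeholder name), and add `no_log: true` to the task. The new task also assumes the controller has `~/.ssh/id_rsa.pub`; the lookup fails if that file does not exist.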
@@ -0,0 +1,22 @@ +--- +- name: Revert devops Account + hosts: all + become: true + gather_facts: False + tasks: + - name: Remove ssh key + authorized_key: + user: devops + key: "{{ lookup('file', lookup('env', 'HOME') + '/.ssh/id_rsa.pub') }}" + state: absent + + - name: Remove account + user: + name: devops + state: absent + remove: yes + + - name: Remove sudo access + file: + path: /etc/sudoers.d/devops + state: absent diff --git a/part00-getting-ready/ansible.cfg b/part00-getting-ready/ansible.cfg index 2b2829f..ca7f88a 100644 --- a/part00-getting-ready/ansible.cfg +++ b/part00-getting-ready/ansible.cfg @@ -1,6 +1,7 @@ [defaults] inventory = inventory remote_user = devops + [privilege_escalation] become = true become_user = root
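Review bot: The play in ansible-learning-rollback.yml removes the account it is likely to be connecting as, because the ansible.cfg in the same directory sets `remote_user = devops` and the tasks delete that user's authorized key first, then the user, then `/etc/sudoers.d/devops`. If a later task needs a fresh SSH connection, or the `user` removal fails (for instance because the account still has a session), the host is left half rolled back, possibly with the sudoers drop-in still present. Running the rollback as a different administrative account, e.g. `remote_user: <admin-user>` on the play (placeholder), avoids depending on the account being deleted. A comment at the top of the file stating that requirement would also help, such as `# Run as an account other than devops; this play deletes devops.`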