From a89e985df1cf0609efd0c570e88598ba9622cdcc Mon Sep 17 00:00:00 2001
From: Simeon Keske <ca-git@noemis.me>
Date: Fri, 3 Apr 2020 13:09:29 +0200
Subject: [PATCH] only add users to pve admin group, if are can sudo

---
 tasks/user.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tasks/user.yml b/tasks/user.yml
index ebe35ea..e8b13b6 100644
--- a/tasks/user.yml
+++ b/tasks/user.yml
@@ -74,4 +74,4 @@
     cmd: 'pveum usermod {{ item.username if item.username is defined else item.name }}@pam -group admin'
   with_items:
   - "{{ users }}"
-  when: item.state != 'absent' and 'proxmox' in group_names
+  when: item.state != 'absent' and 'proxmox' in group_names and item.sudo is defined and item.sudo