---
- block:
    - name: Install requirements
      package:
        name: "{{ item }}"
        state: present
      loop: "{{ sudo_packages }}"

    - name: Add base sudo config
      template:
        src: etc/sudoers.j2
        dest: /etc/sudoers
        owner: root
        group: root
        mode: 0440
        validate: "/usr/sbin/visudo -cf %s"

    - name: Add config files to sudoers.d
      template:
        src: etc/sudoers.d/sudo_ext.j2
        dest: "/etc/sudoers.d/{{ item.name }}"
        owner: root
        group: root
        mode: 0440
        validate: "/usr/sbin/visudo -cf %s"
      loop: "{{ sudo_aliases }}"
      loop_control:
        label: "{{ item.name }}"
      when:
        - sudo_aliases is defined
        - item.user_aliases is defined
  become: True
  become_user: root