From 2d4eb76f248adcba80b8202307c8d3cdd7f31944 Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <dustin@hatch.name>
Date: Sun, 8 Jun 2025 09:00:16 -0500
Subject: [PATCH] users: Do not clear supplemental groups

To ensure the `users.yml` playbook is idempotent in cases where the
users it manages are also managed by other playbooks, we have to set
`append: true`.  This prevents the managed user(s) from being removed
from additional groups other playbooks may have added them to.
---
 users.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/users.yml b/users.yml
index 8d41dcd..2caa5c0 100644
--- a/users.yml
+++ b/users.yml
@@ -16,6 +16,7 @@
       comment: '{{ item.comment | d(omit) }}'
       uid: '{{ item.uid | d(omit) }}'
       groups: '{{ item.groups | d(omit) }}'
+      append: true
       create_home: true
       local: true
       password: '*'