added tasks for a bastion host

roles/bastion/tasks/user_hardening.yml

@@ -0,0 +1,24 @@
+---
+- name: system setup | user hardening | remove unnecessary system accounts
+  tags: users,hardening,system
+  user:
+    name: "{{ item }}"
+    state: absent
+    remove: true # Also removes home directory and mail spool
+  loop:
+    # Legacy or unused service accounts
+    - lp
+    - sync
+    - shutdown
+    - halt
+    - mail
+    - news
+    - uucp
+    - proxy
+    - backup
+    - list
+    - irc
+    - gnats
+    - games
+  notify: update aide database
+  ignore_errors: true # Some users might not exist, which is fine