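---
# tasks file for ansible-user
#
# Creates a local system account (skipped for root and for LDAP users),
# prepares the account's .ssh directory, and installs the SSH client config,
# private keys and authorized public keys.
#
# Variables read by these tasks: user_name, user_password, user_groups,
# user_uid, user_home, user_shell, user_ldap, user_privatekey,
# user_authorized_key.

- name: Print user name
  ansible.builtin.debug:
    msg: '{{ user_name }}'

- name: Create system user
  become: true
  ansible.builtin.user:
    name: '{{ user_name }}'
    system: true
    # The user module expects an already-hashed value here. When no password
    # is supplied (undefined or empty), fall back to '!' so the account gets a
    # locked password instead of an empty password field.
    password: "{{ user_password | default('!', true) }}"
    groups: "{{ user_groups | join(',') }}"
    uid: "{{ user_uid }}"
    home: "{{ user_home | default('/') }}"
    shell: "{{ user_shell | default('/usr/bin/nologin') }}"
  when: user_name != "root" and not user_ldap

# NOTE(review): this task reads `user.name`, while every other task in this
# file reads `user_name` - confirm that a `user` mapping is provided by the
# caller. The stat result is not registered, so the task appears to exist only
# for the side effect of running as that user - confirm.
- name: Simulate login
  ansible.builtin.stat:
    path: '/home/{{ user.name }}'
  become: true
  become_user: '{{ user.name }}'
  when: user_ldap

- name: Ensure .ssh exist for user
  become: true
  ansible.builtin.file:
    state: directory
    path: "{{ user_home | default('/') }}/.ssh"
    owner: '{{ user_name }}'
    # Quoted so the mode reaches Ansible as an octal string rather than
    # depending on the YAML parser's integer handling.
    mode: '0700'

- name: Copy ssh config for user
  become: true
  ansible.builtin.template:
    dest: "{{ user_home | default('/') }}/.ssh/config"
    src: 'config.j2'
    force: true
    mode: '0600'
    selevel: s0
    owner: '{{ user_name }}'

- name: Install ssh private key
  become: true
  ansible.builtin.copy:
    content: '{{ item.key }}'
    # Same home fallback as the .ssh directory task, so the key lands in the
    # directory created above even when user_home is not set.
    dest: "{{ user_home | default('/') }}/.ssh/{{ item.keyname }}"
    mode: '0600'
    owner: '{{ user_name }}'
  with_items: '{{ user_privatekey }}'
  # Each loop item carries private key material; without no_log the item is
  # echoed in task output and ends up in logs.
  no_log: true

- name: Deploy SSH-Keys to remote host
  # Escalates like the other tasks that write into the user's home, so the
  # authorized_keys file can be managed for an account other than the
  # connecting one.
  become: true
  ansible.posix.authorized_key:
    user: '{{ user_name }}'
    key: '{{ item }}'
    # false: keys already present in authorized_keys are left in place.
    exclusive: false
  with_items: '{{ user_authorized_key }}'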