---
# tasks file for user
# Create user
- name: users -- Ensure wheel group exists
  group:
    name: wheel
    state: present

- name: create users
  ansible.builtin.user:
    name: "{{ user.username }}"
    update_password: on_create
    password: "{{ user.password | password_hash('sha512')}}"
    group: "{{ user.group | default('users') }}"
    groups: "{{ user.groups  | default('') }}"
    shell: "{{ user.shell | default('/bin/bash') }}"
    state: present
    system: "{{ user.system | default('no') }}"
    create_home: true

# 
- name: ssh -- Add public key
  authorized_key: 
    user: "{{ user.username }}" 
    key: "{{ lookup('file', item.keyfile) }}"
    state: present
  with_items: "{{ user.public_key }}"
    #when: user.public_key
  when: false

# Dotfiles
- name: set dotfiles
  import_tasks: dotfiles.yml

- name: user owns its create_home
  file:
    path: "/home/{{ user.username }}/.dotfiles"
    owner: "{{ user.username }}"
    group: users