#!/usr/bin/env ansible-playbook
# vim:ft=ansible:
# Create or update the admin account with its login shell and group
# memberships. The group list is the base list concatenated with the extras.
- name: assure admin user
  ansible.builtin.user:
    name: "{{ adminuser_name }}"
    shell: "{{ adminuser_shell }}"
    groups: "{{ adminuser_groups + adminuser_groups_extra }}"
    # With append false the module removes the user from every group that is
    # not listed in `groups`; with append true the listed groups are only added.
    append: "{{ adminuser_groups_append }}"
# Generate an SSH key pair for the admin account. Runs only when
# adminuser_ssh_key evaluates to true.
- name: assure admin user ssh key
  when: adminuser_ssh_key
  ansible.builtin.user:
    name: "{{ adminuser_name }}"
    # No ssh_key_passphrase is passed, so the private key is stored
    # unencrypted on the host; file permissions are its only protection.
    generate_ssh_key: true
    ssh_key_type: "{{ adminuser_ssh_key_type }}"
    # A relative path is resolved against the user's home directory.
    ssh_key_file: ".ssh/id_{{ adminuser_ssh_key_type }}"
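# Install every public key in adminuser_ssh_authorized_keys for the admin user.
# Arguments are a native YAML mapping rather than a free-form key=value string,
# so each templated value reaches the module as one quoted scalar and is not
# subject to key=value splitting.
# `exclusive` is not set, so this task only adds keys: a key that is dropped
# from the list stays on the host until it is also listed in
# adminuser_ssh_unauthorized_keys.
- name: assure admin user ssh authorized keys
  authorized_key:
    user: "{{ adminuser_name }}"
    key: "{{ item }}"
  loop: "{{ adminuser_ssh_authorized_keys }}"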
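# Revoke access: remove every public key in adminuser_ssh_unauthorized_keys
# from the admin user's authorized keys.
# Arguments are a native YAML mapping rather than a free-form key=value string,
# so each templated value reaches the module as one quoted scalar.
# NOTE(review): a key present in both the authorized and the unauthorized list
# would be added and removed again on every run - confirm that the two lists
# are kept disjoint where they are defined.
- name: remove admin user ssh keys
  authorized_key:
    user: "{{ adminuser_name }}"
    key: "{{ item }}"
    state: absent
  loop: "{{ adminuser_ssh_unauthorized_keys }}"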
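# Set the admin user's password. Skipped when adminuser_password is undefined.
# Arguments are a native YAML mapping rather than a free-form key=value string,
# so the value is passed as one quoted scalar.
# NOTE(review): the user module expects an already crypted hash here, not a
# plaintext password - confirm where adminuser_password is defined, and keep
# the value in an encrypted vars file rather than in plain inventory.
- name: assure admin user pass
  ansible.builtin.user:
    name: "{{ adminuser_name }}"
    password: "{{ adminuser_password }}"
  when: adminuser_password is defined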
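# Ensure the admin user's sudo rule is present in /etc/sudoers. Runs only when
# adminuser_sudo evaluates to true.
# Arguments are a native YAML mapping rather than a free-form key=value string,
# so a rule containing spaces, '=' or ':' is passed as one quoted scalar.
# NOTE(review): adminuser_sudo_rule is written verbatim and grants whatever it
# says - review its definition (for example whether it uses NOPASSWD).
- name: assure admin user sudo rule
  ansible.builtin.lineinfile:
    path: /etc/sudoers
    line: "{{ adminuser_sudo_rule }}"
    # Check the edited copy with visudo before it replaces the live file; a
    # syntax error in /etc/sudoers would otherwise disable sudo on the host.
    # Adjust the path if visudo is installed elsewhere on the target.
    validate: '/usr/sbin/visudo -cf %s'
  when: adminuser_sudo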