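#####################################
### someone's ansible provisioner ###
#####################################
# Part of: https://git.somenet.org/root/pub/somesible.git
# 2017-2024 by someone
#
# Provisions one account described by the `user` variable: the account
# itself, its home directory, .profile, a shell-startup symlink, and the
# .ssh directory with config and authorized_keys.
#
# Keys read from `user`:
#   name      (required) login name; also used as owner and group below
#   home      (optional) defaults to /home/<name>
#   shell     (optional) defaults to /bin/bash
#   groups    (optional) supplementary groups, defaults to ''
#   homemode  (optional) mode of the home directory, defaults to '0750'
#   force     (optional) overwrite existing files, defaults to 'no';
#             one flag shared by .profile, the symlink, .ssh/config and
#             authorized_keys
#
# File lookup: every copy task uses with_first_found, so the first file
# that exists wins. The order is host+user, group+user, all+user, then
# host-wide, group-wide, all-wide, and finally the "default/..." entry
# (presumably resolved relative to the role's files; confirm).
#
# NOTE(review): the lookup paths start at lookup('env','PWD'), i.e. the
# working directory of the ansible process on the controller. Running the
# play from another directory changes which files are deployed, including
# authorized_keys, so run it only from the trusted checkout.
#
# NOTE(review): owner/group are both "{{user.name}}"; this assumes a group
# named after the user exists on the target. Confirm for hosts that do not
# create per-user groups.
---
# The home directory is not created here (createhome: false); the next task
# creates it so that its mode is set explicitly.
- name: create {{user.name}} user
  user:
    name: "{{user.name}}"
    home: "{{user.home | default ('/home/'+user.name)}}"
    shell: "{{user.shell | default ('/bin/bash')}}"
    groups: "{{user.groups | default ('')}}"
    # append keeps group memberships the account already has.
    append: true
    createhome: false
    state: present

# Default mode 0750 keeps the home directory closed to "other".
- name: create {{user.name}} user's homedir
  file:
    path: "{{user.home | default ('/home/'+user.name)}}"
    state: directory
    mode: "{{user.homemode | default ('0750')}}"
    owner: "{{user.name}}"
    group: "{{user.name}}"

# With force left at 'no' an existing .profile on the target is kept as is.
- name: copy {{user.name}}'s .profile
  copy:
    src: "{{item}}"
    dest: "{{user.home | default ('/home/'+user.name)}}/.profile"
    force: "{{user.force | default ('no')}}"
    # Modes are quoted so they stay octal strings on every YAML parser.
    mode: "0755"
    owner: "{{user.name}}"
    group: "{{user.name}}"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/{{user.name}}/profile"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/{{user.name}}/profile"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/{{user.name}}/profile"
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/profile"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/profile"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/profile"
    - "default/profile"

# NOTE(review): the task name says .zprofile but dest is .zshrc; confirm
# which file is intended. Both are left exactly as the author wrote them.
- name: symlink {{user.name}}'s .zprofile to .profile
  file:
    src: "{{user.home | default ('/home/'+user.name)}}/.profile"
    dest: "{{user.home | default ('/home/'+user.name)}}/.zshrc"
    force: "{{user.force | default ('no')}}"
    mode: "0755"
    owner: "{{user.name}}"
    group: "{{user.name}}"
    state: link
  # A failure to create the link does not stop the play.
  ignore_errors: true

# 0700 on .ssh: only the owner may list or enter the directory.
- name: create {{user.name}}'s .ssh dir
  file:
    path: "{{user.home | default ('/home/'+user.name)}}/.ssh"
    state: directory
    mode: "0700"
    owner: "{{user.name}}"
    group: "{{user.name}}"

- name: copy {{user.name}}'s .ssh/config
  copy:
    src: "{{item}}"
    dest: "{{user.home | default ('/home/'+user.name)}}/.ssh/config"
    force: "{{user.force | default ('no')}}"
    mode: "0600"
    owner: "{{user.name}}"
    group: "{{user.name}}"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/{{user.name}}/ssh_config"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/{{user.name}}/ssh_config"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/{{user.name}}/ssh_config"
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/ssh_config"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/ssh_config"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/ssh_config"
    - "default/ssh_config"

# NOTE(review): two properties of this task matter for access control.
# 1. force defaults to 'no', so an authorized_keys file that already exists
#    on the target is never rewritten. A key removed from the source file
#    stays authorized on the host until user.force is set or the file is
#    removed by other means.
# 2. When no per-user file exists, the lookup falls through to the host-,
#    group- and role-wide authorized_keys and then to the default, so every
#    account without its own file receives the same key set. Confirm that
#    this shared fallback is intended for each account provisioned here.
- name: copy {{user.name}}'s authorized_keys
  copy:
    src: "{{item}}"
    dest: "{{user.home | default ('/home/'+user.name)}}/.ssh/authorized_keys"
    force: "{{user.force | default ('no')}}"
    mode: "0600"
    owner: "{{user.name}}"
    group: "{{user.name}}"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/{{user.name}}/authorized_keys"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/{{user.name}}/authorized_keys"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/{{user.name}}/authorized_keys"
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/authorized_keys"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/authorized_keys"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/authorized_keys"
    - "default/authorized_keys"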