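# Provision one local account described by the `user` mapping: the account
# itself, an optional sudoers drop-in, dotfiles, SSH keys and the zsh/tmux
# plugin managers. The whole block is skipped unless the requested state is
# 'present' (the default when `user.state` is unset).
- block:
    - name: "Create user '{{ user.username }}'."
      tags: users
      ansible.builtin.user:
        name: "{{ user.username }}"
        state: "{{ user.state | default(omit) }}"
        group: "{{ user.group | default(omit) }}"
        groups: "{{ user.groups | default(omit) }}"
        comment: "{{ user.comment | default(omit) }}"
        shell: "{{ user.shell | default(omit) }}"
        # The user module stores this value as-is, so it must already be a
        # crypt(3) hash (e.g. produced with the password_hash filter), never
        # a cleartext password.
        password: "{{ user.password | default(omit) }}"
        system: "{{ user.system | default(omit) }}"
        uid: "{{ user.uid | default(omit) }}"
        gid: "{{ user.gid | default(omit) }}"
        # Only set the password when the account is first created; later
        # runs leave an existing password untouched.
        update_password: on_create

    # Second pass over the same account, run only when LDAP URIs are
    # configured, to make sure a home directory exists.
    - name: "Create home directory for user '{{ user.username }}'."
      tags: users
      ansible.builtin.user:
        name: "{{ user.username }}"
        create_home: true
      when: ldap_uris is defined and ldap_uris | length > 0

    - name: "Create sudoers file for user '{{ user.username }}'."
      tags:
        - users
        - sudo
      ansible.builtin.template:
        src: "sudoers"
        # NOTE(review): sudo skips files in an include directory whose names
        # contain '.' or end in '~', so a username with a dot would yield a
        # drop-in that is silently ignored - confirm usernames are
        # constrained upstream.
        dest: "/etc/sudoers.d/{{ user.username }}"
        owner: root
        group: root
        mode: "0440"
        # Syntax-check the rendered file before it is moved into place; a
        # malformed drop-in can break sudo for every account on the host.
        # Assumes visudo lives at /usr/sbin/visudo on the target - adjust if
        # the distribution differs.
        validate: "/usr/sbin/visudo -cf %s"
      when:
        - user.sudo | default(false)

    - name: "Create config directories for user '{{ user.username }}'."
      tags: users
      ansible.builtin.file:
        path: "{{ user.home_dir | default('/home/' + user.username) }}/{{ item }}"
        state: directory
        owner: "{{ user.username }}"
        group: "{{ user.username }}"
        mode: "0700"
      with_items: "{{ user.config_dirs | default([]) }}"

    - name: "Copy config files for user '{{ user.username }}'."
      tags: users
      ansible.builtin.copy:
        src: "{{ item.src }}"
        dest: "{{ user.home_dir | default('/home/' + user.username) }}/{{ item.dest }}"
        owner: "{{ user.username }}"
        group: "{{ user.username }}"
        mode: "0600"
      with_items: "{{ user.config_files | default([]) }}"
      register: dotfiles_installed

    - name: "Create config files from templates for user '{{ user.username }}'."
      tags: users
      ansible.builtin.template:
        src: "{{ item.src }}"
        dest: "{{ user.home_dir | default('/home/' + user.username) }}/{{ item.dest }}"
        owner: "{{ user.username }}"
        group: "{{ user.username }}"
        mode: "0600"
      with_items: "{{ user.config_templates | default([]) }}"
      # NOTE(review): same variable name as the copy task above, so this
      # result replaces that one. Nothing in this block reads it; kept in
      # case a consumer outside this file does.
      register: dotfiles_installed

    - name: "Add ssh public keys for user '{{ user.username }}'."
      tags: users
      ansible.builtin.authorized_key:
        user: "{{ user.username }}"
        key: "{{ item }}"
      with_items: "{{ user.ssh_keys | default([]) }}"

    # Tagged like the task that consumes its result: without the tag, a run
    # limited to `--tags users` skips this stat and the install task below
    # fails on an undefined `zsh_config_dir`.
    - name: "Check if .zsh folder exists"
      tags: users
      ansible.builtin.stat:
        path: "{{ user.home_dir | default('/home/' + user.username) }}/.zsh"
      register: zsh_config_dir

    - name: "Install antigen for '{{ user.username }}'."
      tags: users
      ansible.builtin.get_url:
        # NOTE(review): this is a shortener link (git.io, GitHub's retired
        # URL shortener) fetched with no integrity check, and the result is
        # presumably sourced by the user's shell. Prefer the immutable
        # upstream URL for a reviewed release plus
        # `checksum: "sha256:<SHA256_OF_REVIEWED_FILE>"`.
        url: https://git.io/antigen
        dest: "{{ user.home_dir | default('/home/' + user.username) }}/.zsh/antigen.zsh"
        mode: "0600"
      when: zsh_config_dir.stat.exists
      register: zsh_antigen

    # Tagged for the same reason as the .zsh check above.
    - name: "Check if .tmux folder exists"
      tags: users
      ansible.builtin.stat:
        path: "{{ user.home_dir | default('/home/' + user.username) }}/.tmux"
      register: tmux_config_dir

    - name: "Install tpm for user '{{ user.username }}'."
      tags: users
      ansible.builtin.git:
        repo: "https://github.com/tmux-plugins/tpm"
        dest: "{{ user.home_dir | default('/home/' + user.username) }}/.tmux/plugins/tpm"
        # NOTE(review): a tag can be moved upstream; pinning `version` to
        # the full commit SHA of the reviewed release
        # (<COMMIT_SHA_OF_REVIEWED_RELEASE>) makes the checkout immutable.
        version: v3.0.0
      when: tmux_config_dir.stat.exists
      register: tmux_tpm

    # The two downloads above run as the play's user, not as the account
    # being provisioned, so ownership is handed over afterwards. Tagged so
    # that a `--tags users` run does not leave the downloaded files owned by
    # the play's user. Only the owner is changed; group is left as created.
    - name: "Fix permissions for user '{{ user.username }}'"
      tags: users
      ansible.builtin.file:
        path: "{{ item }}"
        owner: "{{ user.username }}"
        recurse: true
      with_items:
        - "{{ user.home_dir | default('/home/' + user.username) }}/.tmux/plugins/tpm"
        - "{{ user.home_dir | default('/home/' + user.username) }}/.zsh"
      when: tmux_tpm is changed or zsh_antigen is changed
  when:
    - user.state | default('present') == 'present'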