From 45dd331dba582feadb45d12890fed7ed7247f48b Mon Sep 17 00:00:00 2001
From: Roxedus
Date: Mon, 16 Aug 2021 23:50:14 +0200
Subject: [PATCH] Redo user task
---
 ansible/group_vars/all.yml | 4 +++-
 ansible/group_vars/docker.yml | 4 ++--
 ansible/run.yml | 26 ++++----------------------
 ansible/tasks/users.yml | 20 ++++++++++++++++++++
 4 files changed, 29 insertions(+), 25 deletions(-)
 create mode 100644 ansible/tasks/users.yml
diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index e25ffba..7c21b3d 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -8,6 +8,8 @@ users:
 home: yes
 uid: "1000"
 gid: "1000"
+ docker: True
+ passwordless: True
 github: Roxedus
 password: "{{ secret_rox_pass }}"
@@ -37,4 +39,4 @@ security_ssh_usedns: "no"
 security_autoupdate_enabled: true
 security_fail2ban_enabled: true
 security_sudoers_passwordless:
- - "{{ users.0.username }}"
+ - "{{ users|selectattr('passwordless', 'defined')|map(attribute='username') }}"
diff --git a/ansible/group_vars/docker.yml b/ansible/group_vars/docker.yml
index 8248cb0..fa133d8 100644
--- a/ansible/group_vars/docker.yml
+++ b/ansible/group_vars/docker.yml
@@ -1,3 +1,3 @@
 docker_install_compose: false
-docker_users:
- - "{{ users.0.username }}"
+docker_users_obj: "{{ users|selectattr('docker', 'defined') }}"
+docker_users: "{{ docker_users_obj|map(attribute='username') }}"
diff --git a/ansible/run.yml b/ansible/run.yml
index 3ac815d..658eb9a 100644
--- a/ansible/run.yml
+++ b/ansible/run.yml
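Review bot: The two new flags in the first all.yml hunk are written `True`, while the same file uses lowercase `true` (`security_autoupdate_enabled: true`); `docker: true` and `passwordless: true` keep the booleans canonical. A one-line comment above them would also help, for example `# docker: listed in docker_users; passwordless: listed in security_sudoers_passwordless`, because both flags hand out elevated access and nothing at the user entry says so. The user entry itself starts outside the hunk.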
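Review bot: The `selectattr('passwordless', 'defined')` test in `security_sudoers_passwordless` selects every user that has the key at all, so an entry with `passwordless: False` would still be listed for passwordless sudo. The same applies to `selectattr('docker', 'defined')` in `docker_users_obj` in ansible/group_vars/docker.yml, where the result is docker-group membership. Both are privilege grants and should fail closed, so chain a truthiness test after the defined test: `users | selectattr('passwordless', 'defined') | selectattr('passwordless') | map(attribute='username') | list`. This expression also sits inside a one-item list, whereas `docker_users` assigns the mapped result directly; whether the consuming role flattens a nested list is not visible in this patch, so the rendered value is worth confirming.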
@@ -21,28 +21,10 @@
 - ansible.builtin.dpkg_selections
 pre_tasks:
- - name: Ensure groups exists
- register: group_exist
- ansible.builtin.group:
- name: "{{ item.groupname }}"
- gid: "{{ item.gid | default(None) }}"
- state: present
- loop: "{{ users }}"
-
- - name: Add users
- ansible.builtin.user:
- name: "{{ item.username }}"
- uid: "{{ item.uid | default(None) }}"
- group: "{{ item.groupname | default(item.username) }}"
- shell: /bin/bash
- move_home: "{{ item.home | default(None) }}"
- password: "{{ item.password | default(None) }}"
- loop: "{{ users }}"
-
- - name: Add a ssh key
- ansible.posix.authorized_key:
- user: "{{ users.0.username }}"
- key: "https://github.com/{{ users.0.github }}.keys"
+ - include_tasks: tasks/users.yml
+ with_items: "{{ users }}"
+ loop_control:
+ loop_var: user
 - name: Change hostname
 when: "set_hostname is defined"
diff --git a/ansible/tasks/users.yml b/ansible/tasks/users.yml
new file mode 100644
index 0000000..16d88b2
--- /dev/null
+++ b/ansible/tasks/users.yml
@@ -0,0 +1,20 @@
+- name: Ensure groups exists
+ ansible.builtin.group:
+ name: "{{ user.groupname }}"
+ gid: "{{ user.gid | default(None) }}"
+ state: present
+
+- name: Add users
+ ansible.builtin.user:
+ name: "{{ user.username }}"
+ uid: "{{ user.uid | default(None) }}"
+ group: "{{ user.groupname | default(user.username) }}"
+ shell: "{{ user.shell | default('/bin/bash') }}"
+ move_home: "{{ user.home | default(None) }}"
+ password: "{{ user.password | default(None) }}"
+
+- name: Add a Github key ssh key
+ when: "user.github is defined"
+ ansible.posix.authorized_key:
+ user: "{{ user.username }}"
+ key: "https://github.com/{{ user.github }}.keys"
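Review bot: Looping `include_tasks` over `{{ users }}` in the run.yml hunk makes each loop item the whole user mapping, which per ansible/group_vars/all.yml includes `password`. Ansible normally prints the loop item in its output, so that value may end up in console or CI logs; adding `label: "{{ user.username }}"` under `loop_control` limits what is displayed. The include also has no `name:` and uses the short `include_tasks` / `with_items` forms, while the tasks it replaces and the new tasks file use fully qualified names such as `ansible.builtin.group`. `ansible.builtin.include_tasks` with `loop:` would match them. The `pre_tasks` list continues outside the hunk.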
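Review bot: In ansible/tasks/users.yml, `default(None)` on `password` (and on `uid`, `gid`, `move_home`) does not leave the parameter unset; depending on how the template renders, the module can receive an empty string instead, which for `password` should not be left to chance. Ansible's `omit` placeholder is the documented way to drop an optional argument: `password: "{{ user.password | default(omit) }}"`, and likewise for the other three. The group task also reads `user.groupname` with no fallback while the user task uses `default(user.username)`, so an entry without `groupname` fails before the user is created; use the same default in both. Finally, the key task trusts whatever `https://github.com/{{ user.github }}.keys` returns at run time, so control of that GitHub account amounts to SSH access to the host. A comment stating that, or pinned keys in vars, would make the trust explicit.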