Infra/ansible/tasks/users.yml

- name: Ensure groups exists
  when: "inventory_hostname not in groups['prox']"
  ansible.builtin.group:
    name: "{{ user.groupname | default(user.username) }}"
    gid: "{{ user.gid | default(omit) }}"
    state: present

- name: Add users
  when: "inventory_hostname not in groups['prox']"
  ansible.builtin.user:
    name: "{{ user.username }}"
    uid: "{{ user.uid | default(omit) }}"
    group: "{{ user.groupname | default(user.username) }}"
    shell: "{{ user.shell | default('/bin/bash') }}"
    move_home: "{{ user.home | default(omit) }}"
    password: "{{ user.password | password_hash('sha512') | default(omit) }}"

- name: Add a Github key ssh key
  when: "user.github is defined and inventory_hostname not in groups['prox']"
  ansible.posix.authorized_key:
    user: "{{ user.username }}"
    key: "https://github.com/{{ user.github }}.keys"

- name: Add a Github key ssh key
  when: inventory_hostname in groups['prox']
  ansible.posix.authorized_key:
    user: root
    key: "https://github.com/{{ user.github }}.keys"