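---
# Creates or updates one Linux account from variables loaded out of
# include/linux_group_users, adds it to administrative groups and installs
# its SSH public keys.
#
# Variables read by the tasks below: username, fullname, uid, shadowhash,
# pubkeysfile.
- name: Ensure Linux group users are configured with UIDs, passwords, groups and keys
  hosts: pepe
  gather_facts: true
  become: true
  tasks:
    # NOTE(review): every matching file in the directory is loaded into the
    # same variable names, so if more than one file defines username/uid/...
    # only the last one loaded takes effect. Confirm the directory is meant
    # to describe a single user.
    - name: "userinfofile"
      include_vars:
        dir: "include/linux_group_users"
        ignore_unknown_extensions: true
        extensions: ['userinfo.yaml', 'yaml']

    - debug:
        msg: "{{ username }}"

    # shadowhash is passed straight through as the account's password hash.
    # NOTE(review): it comes from the vars files loaded above; if those are
    # committed in plain text, consider protecting them with ansible-vault.
    - name: "Add/modify a user with a specific uid, passwd hash & public key(s)"
      user:
        name: "{{ username }}"
        comment: "{{ fullname }}"
        shell: /bin/bash
        uid: "{{ uid }}"
        password: "{{ shadowhash }}"
        state: present

    # Unconditional membership: this task fails the play when the group is
    # missing on the target.
    - name: "Append the sudo group"
      user:
        name: "{{ username }}"
        groups: sudo
        append: true

    # NOTE(review): the group name suggests passwordless sudo. Confirm that
    # every user loaded by this play is meant to hold it.
    - name: "Append the sudonopsswd group"
      user:
        name: "{{ username }}"
        groups: sudonopsswd
        append: true

    # Populates getent_group so the conditional tasks below can test whether
    # a group exists instead of relying on ignore_errors.
    - name: "Look up the groups defined on the system"
      getent:
        database: group

    # The three tasks below previously looped over
    # [{groups: ...}, {append: ...}] without referencing item, so the user
    # module only ever received name and no group was added. groups/append
    # are now real module arguments, guarded by a group-existence check.
    - name: "Append/modify the *sudo* group to above user if it exists on the system"
      user:
        name: "{{ username }}"
        groups: sudo
        append: true
      when: "'sudo' in getent_group"

    - name: "Append/modify the *wheel* group to above user if it exists on the system"
      user:
        name: "{{ username }}"
        groups: wheel
        append: true
      when: "'wheel' in getent_group"

    - name: "Append/modify the *sudonopsswd* group to above user if it exists on the system"
      user:
        name: "{{ username }}"
        groups: sudonopsswd
        append: true
      when: "'sudonopsswd' in getent_group"

    # with_file reads pubkeysfile on the control node and passes its content
    # as the key. exclusive is not set, so keys already present in the user's
    # authorized_keys but absent from the file stay authorized; revoking a
    # key needs state: absent or exclusive: true.
    - name: "Set auth keys for user"
      authorized_key:
        user: "{{ username }}"
        state: present
        key: '{{ item }}'
      with_file:
        - "{{ pubkeysfile }}"

    - debug:
        msg:
          - " PUBKEYSFILE was read in as {{ pubkeysfile }} "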