---
- name: Add the cockpit user for systems with cockpit installed
  hosts: all
  gather_facts: true
  become: True
  tasks:
    - name: populate package mgr facts
      package_facts:
        manager: auto

    - name: Add cockpit user if cockpit is installed
      user:
        name: "cockpit"
        comment: "cockpit user for web interface"
        create_home: false
        local: true
        group: "wheel"
        groups: "cockpit-ws"
        shell: "/sbin/nologin"
        create_home: false
        uid: "986"
        system: true
        password: "***CONTENTS REDACTED***"
        state: present
      when: "'cockpit' in ansible_facts.packages"

    - name: add cockpit to sudoers file w/o psswd
      sudoers:
        commands: ALL
        host: ALL
        name: cockpit-nopsswd
        nopassword: True
        state: present
        user: cockpit
        validation: detect
      when: "'cockpit' in ansible_facts.packages"

    - name: ensure account has nothing locking it
      shell:  |
        usermod -U cockpit
        usermod -e "" cockpit
        chage -E -1 cockpit
        chage -I -1 cockpit
        exit 0
      args:
        executable: /bin/bash
      when: "'cockpit' in ansible_facts.packages"