# users ~~ roles/users/tasks/main.yml
# Manage default users

---

- name: retrieve available users
  shell: awk -F ":" '{ if($3 == 0 || $3 > 999 && $3 < 16000) { print $1 }}' /etc/passwd
  register: valid_users_shell

- name: change shell to zsh for all valid users
  user: name="{{ item }}" shell="{{ path_zsh }}"
  loop: "{{ valid_users_shell.stdout_lines }}"

- name: add operator user
  user:
    name: "{{ user_op }}"
    comment: Operator user
    group: "{{ group_root }}"

- name: remove default users
  user:
    name: "{{ item }}"
    state: absent
    remove: true
  loop:
    - toor
    - pi

- name: generate doas configuration
  template:
    src: doas.conf.j2
    dest: "{{ path_doasconfig }}"
    owner: root
    group: "{{ group_root }}"
    mode: 0644
  when: ansible_become_method == "doas" or ansible_distribution == "OpenBSD"