---

- name: retrieve all users
  ansible.builtin.getent:
    database: passwd
  register: unix_users__register_getent

- name: parse all users in uid range
  ansible.builtin.set_fact:
    unix_users__parsed_getent: "[
      {% for name, attributes in
        unix_users__register_getent.ansible_facts.getent_passwd.items() %}
      {{ { 'name': name, 'uid': (attributes[2] | int) } }},
      {% endfor %}
      ]"

- name: retrieve minimum available uid
  ansible.builtin.set_fact:
    unix_users__available_uid_min: "{{ unix_users__parsed_getent
      | map(attribute='uid')
      | select('in', unix_users__enabled_uid_slots)
      | max
      | default(unix_users__enabled_uid_min)
      | int }}"

- name: create user with specific uid
  ansible.builtin.user:
    name: "{{ item.username }}"
    uid: "{{ (unix_users__available_uid_min | int) + (index | int) }}"
  loop: "{{ unix_users__users }}"
  loop_control:
    index_var: index
  when: item.username not in (unix_users__parsed_getent | map(attribute='name'))

- name: update user informations
  ansible.builtin.user:
    name: "{{ item.username }}"
    comment: "{{ item.comment | normalize_unicode_to_ansii }}"
  loop: "{{ unix_users__users }}"