# SPDX-FileCopyrightText: 2023 Aravinth Manivannan <realaravinth@batsense.net>
#
# SPDX-License-Identifier: AGPL-3.0-or-later

---
- name: Create users for organization's sysadmins
  hosts: dolibar
  remote_user: debian
  vars:
    members:
      - { "name": aravinth, ssh_key_file: "artifacts/aravinth.pub" }
      - { "name": harsha, ssh_key_file: "artifacts/harsha.pub" }

  pre_tasks:
    - name: Ensure all VMs are reachable
      ansible.builtin.ping:

  tasks:
    - name: Create user "{{ item.name }}"
      become: true
      notify: force change password
      ansible.builtin.user:
        name: "{{ item.name }}"
        shell: /bin/bash
        groups: sudo
        state: present
      loop: "{{ members }}"


    - name: Install SSH keys
      become: true
      ansible.posix.authorized_key:
        user: "{{ item.name }}"
        state: present
        key: "{{ lookup('file', item.ssh_key_file) }}"
      loop: "{{ members }}"

  handlers:
    - name: force change password
      become: true
      command: "chage -d 0 {{ item.name }}"
      loop: "{{ members }}"