---

- name: "Add groups" 
  group:
    name: "{{ item.name }}"
    state: present
  loop: "{{ system.users }}"

- name: "Add users" 
  user:
    append: yes
    name: "{{ item.name }}"
    group: "{{ item.name }}"
    groups: "{{ item.groups | default() }}"
    shell: "{{ item.shell | default('/bin/sh') }}"
    password: "{{item.password | password_hash('sha512', 65534 | random(seed=inventory_hostname) | string) }}"
  when: item.name != 'root'
  loop: "{{ system.users }}"

- name: "Create ~/.ssh directory for users"
  file:
    state: directory
    dest: "/home/{{ item.name }}/.ssh/"
    mode: 0755
    owner: "{{ item.name }}"
    group: "{{ item.name }}"
  when: item.name != 'root'
  loop: "{{ system.users }}"

- name: "Place ssh-key for users"
  copy:
    content: "{{ item.allowedSshKeys | join('\n') }}"
    dest: "/home/{{ item.name }}/.ssh/authorized_keys"
    mode: 0644    
    owner: "{{ item.name }}"
    group: "{{ item.name }}"
  when: item.name != 'root'
  loop: "{{ system.users }}"

- name: "Create ~/.ssh directory for root"
  file:
    state: directory
    dest: "/root/.ssh/"
    mode: 0755
    owner: "{{ item.name }}"
    group: "{{ item.name }}"
  when: item.name == 'root'
  loop: "{{ system.users }}"

- name: "Place ssh-key for root"
  copy:
    content: "{{ item.allowedSshKeys | join('\n') }}"
    dest: "/root/.ssh/authorized_keys"
    mode: 0644    
    owner: "{{ item.name }}"
    group: "{{ item.name }}"
  when: item.name == 'root'
  loop: "{{ system.users }}"