- name: validate input
  fail:
    msg: user parameter must be defined and must be a dictionary
  when: user is not defined or user is not mapping


- name: ensure group exists
  group:
    name: "{{ user.group }}"
    gid: "{{ user.gid | d(omit) }}"
    system: "{{ user.is_system | d('yes') }}"
  when: user.group is defined
  notify: "{{ user.notify | d(omit) }}"


- name: ensure user exists
  user:
    name: "{{ user.name }}"
    comment: "{{ user.comment | d(omit) }}"
    group: "{{ user.group | d(omit) }}"
    groups: "{{ user.extra_groups | d(omit) }}"
    uid: "{{ user.uid | d(omit) }}"
    home: "{{ user.dir | d(omit) }}"
    shell: "{{ user.shell | d('/bin/false') }}"
    system: "{{ user.is_system | d('yes') }}"
    create_home: "{{ 'yes' if (user.dir is defined and (user.create_home | d(true) == true)) else 'no' }}"
  when: user.name is defined
  notify: "{{ user.notify | d(omit) }}"


- name: ensure user home dir exists
  file:
    path: "{{ user.dir }}"
    state: directory
    mode: "{{ user.dir_mode | d('0755') }}"
    owner: "{{ user.name }}"
    group: "{{ user.group | d(omit) }}"
  when: user.dir is defined and user.name is defined and (user.create_home | d(true) == true)
  notify: "{{ user.notify | d(omit) }}"