---

# ---
# - Remove unwanted users
# ---

- name: (user.yml) Remove (old) users from system
  user:
    name: '{{ item.name }}'
    state: absent
  with_items: 
    - "{{ remove_system_users }}"
  loop_control:
    label: '{{ item.name }}'
  tags:
    - system-user

- name: (user.yml) Remove home directory from deleted users
  file:
    path: '{{ base_home }}/{{ item.name }}'
    state: absent
  with_items: 
    - "{{ remove_system_users }}"
  loop_control:
    label: '{{ item.name }}'
  tags:
    - system-user

# ---
# - default user/groups
# ---

- name: (user.yml) Ensure system groups exists
  group:
    name: '{{ item.name }}'
    state: present
    gid: '{{ item.group_id | default(omit) }}'
  loop: "{{ system_groups }}"
  loop_control:
    label: '{{ item.name }}'
  when: item.group_id is defined
  notify: Renew nis databases
  tags:
    - system-user
    
#- meta: end_host

- name: (system-user.yml) Get database of nis (system) users
  getent:
    database: passwd
  tags:
    - system-user

- name: (system-user.yml) Add (system) users if not yet exists..
  shell: "/root/bin/admin-stuff/add_new_user.sh {{ item.name }} '{{ item.password }}'"
  loop: "{{ system_users }}"
  loop_control:
    label: '{{ item.name }}'
  when:
    - item.name not in getent_passwd
  notify: Renew nis databases
  tags:
    - system-user