- name: users | lowpriv | add user to system
  user:
    name: lowpriv
    comment: Restricted user for interactive shell
    shell: /usr/bin/rbash
    state: present
    create_home: True
    generate_ssh_key: False
    password_lock: True

- name: users | lowpriv | getent user home directory
  getent:
    database: passwd
    key: "lowpriv"
    split: ":"
  register: getent_passwd_lowpriv
  changed_when: false

- name: users | lowpriv | set home directory fact
  set_fact:
    user_home: "{{ getent_passwd_lowpriv.ansible_facts.getent_passwd['lowpriv'][4] }}"
    user: "lowpriv"

- name: users | lowpriv | import ssh configuration tasks from base role
  include_role:
    name: base
    tasks_from: users/setup_ssh/install_public_keys.yml

- name: users | lowpriv | import known_hosts task from base role
  include_role:
    name: base
    tasks_from: users/setup_ssh/install_known_hosts.yml