# - name: users | root | ensure account is locked
#   user:
#     name: root
#     password_lock: yes

# - name: users | root | install public ssh keys
#   authorized_key:
#     user: root
#     state: present
#     key: '{{ item }}'
#   with_file:
#     - public_keys/id_dsa.pub
#     - public_keys/id_ed25519.pub
#     - public_keys/rene_id_rsa.pub
#     - public_keys/root_id_rsa.pub
#     - public_keys/yubikey.pub

- name: users | root | install public key for backups
  authorized_key:
    user: root
    state: present
    key: '{{ item }}'
    key_options: 'from="192.168.1.240",command="~/validate-rsync.sh"'
  with_file:
    - public_keys/backup_ed25519.pub

# - name: users | root | install private ssh keys
#   copy:
#     dest: "/root/.ssh/"
#     src: "{{ item }}"
#     owner: root
#     group: root
#     mode: '0600'
#   loop:
#     - "private_keys/gitlab_read_ed25519"

# - name: users | root | install known_hosts
#   copy:
#     dest: "/root/.ssh/known_hosts"
#     src: "users/known_hosts"
#     backup: True
#     mode: '0600'
#     owner: 'root'
#     group: 'root'

# - name: users | root | create script directories
#   file:
#     path: "{{ root_home }}/scripts"
#     state: directory
#     mode: '0755'

- name: users | root | clone root_bins
  git:
    repo: 'ssh://git@gitlab.social.my-wan.de:22422/rene/root-bin.git'
    dest: "{{ root_home }}/bin"
    key_file: '/root/.ssh/gitlab_read_ed25519'

# - name: users | root | link dotfiles
#   become: yes
#   become_user: root
#   file:
#     state: link
#     src: "/home/root/dotfiles/{{ item.src }}"
#     path: "home/root/{{ item.dest }}"
#   with_items:
#     - { src: 'vim/vimrc', dest: '.vimrc' }
#     - { src: 'bash/bashrc', dest: '.bashrc' }
#     - { src: 'zsh/zshrc', dest: '.zshrc' }
#     - { src: 'tmux/tmux.conf', dest: '.tmux.conf' }

######################################################
# Learn Linux TV example
######################################################
# - name: users | root | create config directories
#   file:
#     path: /root/{{ item.dir }}
#     state: directory
#     owner: root
#     group: root
#     mode: 0700
#   with_items:
#     - {dir: '.vim'}
#     - {dir: '.vim/colors'}
#   tags: dotfiles

# - name: users | root | copy dotfiles
#   copy:
#     src: users/root/{{ item.src }}
#     dest: /root/{{ item.dest }}
#     owner: root
#     group: root
#     mode: 0600
#   with_items:
#     - {src: 'bash/bashrc', dest: '.bashrc'}
#     - {src: 'bash/bash_profile', dest: '.bash_profile'}
#     - {src: 'bash/profile', dest: '.profile'}
#     - {src: 'tmux/tmux.conf', dest: '.tmux.conf'}
#     - {src: 'vim/vimrc', dest: '.vimrc'}
#     - {src: 'zsh/zshrc', dest: '.zshrc'}
#   tags: dotfiles