---
- hosts: userhosts
  remote_user: ansible
  vars:
    git_url: "https://git.togrand.xyz"

  tasks:
  - name: fetch user list from api
    uri:
      url: "{{ git_url }}/api/v1/orgs/mrtogrand/members"
      return_content: yes
    register: members

  - name: "create users"
    user:
      name: "{{ item | lower }}"
      skeleton: "/etc/skel/"
      shell: "/bin/bash"
    become: true
    with_items: "{{ members | json_query('json[*].login') }}"

  - name: import user public keys
    authorized_key:
      key: "{{ git_url }}/{{ item }}.keys"
      exclusive: yes
      user: "{{ item | lower }}"
    become: true
    with_items: "{{ members | json_query('json[*].login') }}"

  - name: install essential packages
    apt: name={{ item }} state=latest
    become: true
    with_items:
    - cowsay
    - fail2ban
    - fortune
    - htop
    - neovim
    - sudo
    - tmux
    - tree
    - ufw
    - vim
    - zsh
    - zsh-doc