--- - name: Check if required parameters are set ansible.builtin.assert: that: - user is defined - name: Set up as container host ansible.builtin.include_role: name: container-host - name: Create user ansible.builtin.user: name: "{{ user }}" home: "{{ home | default(omit) }}" uid: "{{ uid | default(omit) }}" state: present - name: Add public keys for user '{{ user }}' ansible.posix.authorized_key: user: "{{ user }}" key: "{{ lookup('file', '../../access/keys/' + item + '.pub') }}" state: present # Note: we don't remove other/existing keys with_items: "{{ global_ssh_keys + (ssh_keys[user] | default([])) + (ssh_keys['*'] | default([])) }}" - name: Create unit files dir ansible.builtin.file: path: ~/.config/containers/systemd state: directory become: true become_user: "{{ user }}" # Note: We check whether lingering is already enabled so we show as OK/skipped instead of changed - name: Check if user is lingering ansible.builtin.stat: path: "/var/lib/systemd/linger/{{ user }}" register: user_lingering - name: Enable session lingering ansible.builtin.command: "loginctl enable-linger {{ user }}" when: - not user_lingering.stat.exists