commit 30f66fa488f9b1e3a40bec45a3cc7b79fa391612 Author: Blallo Date: Fri Aug 7 19:24:28 2020 +0200 Init
diff --git a/tasks/create_user.yml b/tasks/create_user.yml
new file mode 100644
index 0000000..d989d1b
--- /dev/null
+++ b/tasks/create_user.yml
@@ -0,0 +1,24 @@
+---
+- name: Ensure group {{ user.group }} is present
+ group:
+ name: "{{ user.group }}"
+ state: present
+ when: user.group is defined
+
+- name: Ensure user {{ user.username }} is present
+ user:
+ name: "{{ user.username }}"
+ groups:
+ - "{{ user.group }}"
+ home: "{{ user.home }}"
+ create_home: yes
+ system: no
+ when: user.group is defined
+
+- name: Ensure user {{ user.username }} is present
+ user:
+ name: "{{ user.username }}"
+ home: "{{ user.home }}"
+ create_home: yes
+ system: no
+ when: user.group is not defined
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..e806149
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,12 @@
+---
+- name: Giving access to users
+ include_tasks: create_user.yml
+ vars:
+ user: "{{ item }}"
+ with_items: "{{ share_access.users }}"
+
+- name: Giving access to users
+ include_tasks: share.yml
+ vars:
+ user: "{{ item }}"
+ with_items: "{{ share_access.users }}"
diff --git a/tasks/share.yml b/tasks/share.yml
new file mode 100644
index 0000000..b56e878
--- /dev/null
+++ b/tasks/share.yml
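Review bot: In tasks/create_user.yml the first `user` task sets `groups` without `append: yes`, so for an account that already exists Ansible replaces its supplementary groups with only `user.group` and drops every other membership, including any administrative ones. If the intent is only to add the share group, add `append: yes` next to `groups`. The two `user` tasks otherwise differ only in `groups` and both carry the same name; a single task with `groups: "{{ user.group | default(omit) }}"` would remove the duplicated `when` branches and make the run log unambiguous.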
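Review bot: In tasks/main.yml both include tasks are named `Giving access to users`, so the run output cannot distinguish account creation from key generation and distribution when someone audits what a play changed. Rename the first to something like `- name: Creating users` and keep the current name for the `share.yml` include. Nothing here checks that each entry of `share_access.users` carries `username` and `home`, which the included files use unconditionally; a short comment above the loops stating the expected keys would document that contract.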
@@ -0,0 +1,34 @@
+---
+- name: Ensure .ssh folder is present for user {{ user.username }}
+ file:
+ path: "{{ user.home }}/.ssh"
+ state: directory
+ owner: "{{ user.username }}"
+ group: "{{ user.group|default(user.username) }}"
+ mode: 0700
+
+- name: Generate the keypair for user {{ user.username }}
+ openssh_keypair:
+ path: "{{ user.home }}/.ssh/key"
+ type: ed25519
+ state: present
+ owner: "{{ user.username }}"
+ group: "{{ user.group|default(user.username) }}"
+ mode: 0600
+ force: no
+
+- name: Place key in user's authorized_keys
+ copy:
+ src: "{{ user.home }}/.ssh/key.pub"
+ dest: "{{ user.home }}/.ssh/authorized_keys"
+ remote_src: yes
+ owner: "{{ user.username }}"
+ group: "{{ user.group|default(user.username) }}"
+ mode: 0600
+ force: no
+
+- name: Fetch private key of {{ user.username }}
+ fetch:
+ src: "{{ user.home }}/.ssh/key"
+ dest: "/tmp/{{ user.username }}/"
+ flat: yes
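Review bot: In tasks/share.yml the final `fetch` task writes each user's private key to `/tmp/{{ user.username }}/` on the control node, a predictable path under a world-writable directory where the file typically gets the controller's default umask, so other local accounts may be able to read it or pre-create the directory. The destination should be a directory owned by the operator with mode 0700 and taken from a role variable, as sketched below (the variable name is a placeholder, not something the role defines today). Separately, `copy` with `force: no` leaves an existing `authorized_keys` untouched, so for a user who already has one the generated key is silently never authorised. The unquoted `mode: 0700` / `mode: 0600` values depend on the parser's octal handling; `mode: "0700"` is the quoted form Ansible recommends.

```yaml
# share_access_key_dir is a placeholder for a new role variable
- name: Ensure a private local directory for the key of {{ user.username }}
  file:
    path: "{{ share_access_key_dir }}/{{ user.username }}"
    state: directory
    mode: "0700"
  delegate_to: localhost
  become: false

- name: Fetch private key of {{ user.username }}
  fetch:
    # … unchanged: src …
    dest: "{{ share_access_key_dir }}/{{ user.username }}/"
    # … unchanged: flat …
```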