---
# User Management Playbook
# Create admin users, generate SSH keys, configure sudo

- name: Manage SSH Users
  hosts: all
  become: yes
  gather_facts: yes
  
  roles:
    - role: ssh_users
      when: admin_users is defined and admin_users | length > 0

  post_tasks:
    - name: Display SSH keys location
      ansible.builtin.debug:
        msg:
          - "========================================="
          - "SSH Keys Generated"
          - "========================================="
          - "Location: {{ ssh_keys_local_dir }}/{{ inventory_hostname }}/"
          - ""
          - "Copy private keys to your machine:"
          - "scp -r {{ ssh_keys_local_dir }}/{{ inventory_hostname }}/ ~/.ssh/"
          - ""
          - "Test SSH access:"
          - "ssh -i ~/.ssh/{{ inventory_hostname }}/USERNAME_id_ed25519 USERNAME@{{ inventory_hostname }}"
          - "========================================="
      when: admin_users | selectattr('generate_keys', 'defined') | selectattr('generate_keys') | list | length > 0
      delegate_to: localhost
      run_once: true