---
- name: Create user account
  vars:
    configuration_user_group: >-
      {{ "sudo" if is_debian | bool else "wheel" }}
    configuration_useradd_cmd: >-
      arch-chroot /mnt /usr/sbin/useradd --create-home --user-group
      --groups {{ configuration_user_group }} {{ user_name }}
      --password {{ user_password | password_hash('sha512') }} --shell /bin/bash
    configuration_root_cmd: >-
      arch-chroot /mnt /usr/sbin/usermod --password
      '{{ root_password | password_hash('sha512') }}' root --shell /bin/bash
  ansible.builtin.command: "{{ item }}"
  loop:
    - "{{ configuration_useradd_cmd }}"
    - "{{ configuration_root_cmd }}"
  register: configuration_user_result
  changed_when: configuration_user_result.rc == 0

- name: Ensure .ssh directory exists
  when: user_public_key | length > 0
  ansible.builtin.file:
    path: /mnt/home/{{ user_name }}/.ssh
    state: directory
    owner: 1000
    group: 1000
    mode: "0700"

- name: Add SSH public key to authorized_keys
  when: user_public_key | length > 0
  ansible.builtin.lineinfile:
    path: /mnt/home/{{ user_name }}/.ssh/authorized_keys
    line: "{{ user_public_key }}"
    owner: 1000
    group: 1000
    mode: "0600"
    create: true