---
- name: "user : create user"
  ansible.builtin.user:
    name: "{{ music_user_name }}"
    create_home: true
    home: "{{ music_user_home_directory }}"
    password: "{{ music_user_password }}"
  register: music_rip_user_create

- name: "rip : set default shell"
  ansible.builtin.user:
    name: "{{ music_user_name }}"
    shell: "/usr/bin/rbash"

- block:

    - name: "user : set home directory ownership"
      ansible.builtin.file:
        path: "{{ music_user_home_directory }}"
        state: "directory"
        owner: "{{ music_user_name }}"
        group: "{{ music_user_name }}"
        recurse: true

    - name: "user : ensure XDG_RUNTIME_DIR is set"
      ansible.builtin.shell: |
        echo '\nexport XDG_RUNTIME_DIR=/run/user/$(id -u)' >> \
        {{ music_user_home_directory }}/.bashrc

  when:
    music_rip_user_create.changed

- name: "user : set authorized key"
  ansible.posix.authorized_key:
    user: "{{ music_user_name }}"
    state: "present"
    key: "{{ lookup('ansible.builtin.file', music_rip_public_key_file) }}"