- set_fact:
    defaultuser:
      genssh: false
      group: ~
      groups: []
      home: "{{ ('/var/lib/'+currentuser.key) if (currentuser.value.system|d(True)) else ('/home/'+currentuser.key) }}"
      system: true
      state: present
      uid: "{{ omit }}"
      password: "*"
      shell: "/usr/sbin/nologin"
      authorized_keys: {}

- set_fact:
    user: "{{ defaultuser|combine(currentuser.value|d({}), {'name': currentuser.key} ) }}"

- name: "create user ({{ user.name }})"
  user:
    name: "{{ user.name }}"
    generate_ssh_key: "{{ user.genssh }}"
    ssh_key_type: ed25519
    group: "{{ user.group }}"
    groups: "{{ user.groups }}"
    home: "{{ (user.home) }}"
    system: "{{ user.system }}"
    state: "{{ user.state }}"
    uid: "{{ user.uid|d(omit) }}"
    password: "{{ user.password }}"
    shell: "{{ user.shell }}"

- name: "setup ssh key(s) ({{ user.name }})"
  loop: "{{ user.authorized_keys|dict2items }}"
  authorized_key:
    user: "{{ user.name }}"
    key: "{{ item.value }}"
    comment: "{{ item.key }}"