---

- ansible.builtin.fail:
    msg: "You must provide a value for the 'tomcat_instance_port' variable."
  when: tomcat_instance_port is not defined or tomcat_instance_port | length == 0


- name: "Test if uid '{{ tomcat_instance_port }}' exists"
  ansible.builtin.command:
    cmd: 'id -un -- "{{ tomcat_instance_port }}"'
  register: get_login_from_id
  failed_when: False
  changed_when: False
  check_mode: no

- name: "Fail if uid already exists for another user"
  ansible.builtin.fail:
    msg: "Uid '{{ tomcat_instance_port }}' is already used by '{{ get_login_from_id.stdout }}'. You must change uid for '{{ tomcat_instance_name }}'"
  when:
    - get_login_from_id.rc == 0
    - get_login_from_id.stdout != tomcat_instance_name

- name: Create group instance

  ansible.builtin.group:
    name: "{{ tomcat_instance_name }}"
    gid: "{{ tomcat_instance_port }}"

- name: Create user instance
  ansible.builtin.user:
    name: "{{ tomcat_instance_name }}"
    group: "{{ tomcat_instance_name }}"
    uid: "{{ tomcat_instance_port }}"
    home: "{{ tomcat_instance_root }}/{{ tomcat_instance_name }}"
    shell: '/bin/bash'
    createhome: no

- name: Create home dir
  ansible.builtin.file:
    path: "{{ tomcat_instance_root }}/{{ tomcat_instance_name }}"
    state: directory
    owner: "{{ tomcat_instance_name }}"
    group: "{{ tomcat_instance_name }}"
    mode: "u=rwx,g=rwxs,o="

- name: Is /etc/aliases present?
  ansible.builtin.stat:
    path: /etc/aliases
  register: etc_aliases

- name: Set mail alias for user
  ansible.builtin.lineinfile:
    dest: '/etc/aliases'
    state: present
    line: "{{ tomcat_instance_name }}: {{ tomcat_instance_mail }}"
    regexp: "{{ tomcat_instance_name }}:"
  when: etc_aliases.stat.exists and tomcat_instance_mail is defined
  register: tomcat_instance_mail_alias

- name: Run newaliases
  ansible.builtin.command:
    cmd: newaliases
  when: tomcat_instance_mail_alias is changed

- name: Enable sudo right
  ansible.builtin.lineinfile:
    dest: '/etc/sudoers.d/tomcat'
    state: present
    mode: "0440"
    create: yes
    line: "%{{ tomcat_instance_name }} ALL = ({{ tomcat_instance_name }}) SETENV: ALL"
    validate: 'visudo -cf %s'

- name: Enable sudo right for deploy user
  ansible.builtin.lineinfile:
    dest: '/etc/sudoers.d/tomcat'
    state: present
    mode: "0440"
    create: yes
    line: "{{ tomcat_instance_deploy_user }} ALL = ({{ tomcat_instance_name }}) NOPASSWD: SETENV: ALL"
    validate: 'visudo -cf %s'
  when: tomcat_instance_deploy_user is defined