--- # The ZSH installation instructions are sourced from this blog: # https://harshithashok.com/tools/oh-my-zsh-with-starship/ - name: Create the user when: user_username is not undefined # Skip when no user is provided, we'll asume we're targetting the Ansible user. block: - name: Create a new user become: true ansible.builtin.user: append: true groups: - users name: "{{ user_username }}" # Salt is necessary, see: https://stackoverflow.com/questions/56869949/ansible-user-module-always-shows-changed password: "{{ user_password | password_hash('sha512', password_salt) }}" - name: Ensure .ssh directory exists in user home become: true become_user: "{{ user_username }}" ansible.builtin.file: path: "/home/{{ user_username }}/.ssh" state: directory mode: "0700" # We're assuming that the ansible user has its authorized keys setup before running the playbook and that all created users using this # rule want the same machines to be able to access them. - name: Copy over authorized keys from the main ansible user become: true ansible.builtin.copy: remote_src: true src: "/home/{{ ansible_facts['user_id'] }}/.ssh/authorized_keys" dest: "/home/{{ user_username }}/.ssh/" owner: "{{ user_username }}" group: "{{ user_username }}" mode: "0600" - name: Set fact for defining the user which should run the next modules ansible.builtin.set_fact: target_user: "{{ ansible_facts['user_id'] if user_username is undefined else user_username }}" # The "lingering" property seems to be important to Podman, otherwise errors are thrown as mentioned here: # https://superuser.com/questions/1788594/podman-the-cgroupv2-manager-is-set-to-systemd-but-there-is-no-systemd-user-sess - name: "Check if lingering is enabled (user: {{ target_user }})" ansible.builtin.command: cmd: "loginctl show-user {{ target_user }} --property=Linger" register: linger_check changed_when: false failed_when: false - name: "Enable systemd \"lingering\" (user: {{ target_user }})" become: true ansible.builtin.command: cmd: "loginctl enable-linger {{ target_user }}" when: linger_check.rc != 0 changed_when: true - name: Ensuring ZSH is installed become: true ansible.builtin.apt: pkg: - acl # Needed to prevent this error: https://stackoverflow.com/questions/46352173/ansible-failed-to-set-permissions-on-the-temporary - zsh state: present - name: Install Oh My ZSH # noqa: command-instead-of-module ignore error since we're removing the script after install. become: true become_user: "{{ target_user }}" ansible.builtin.shell: | wget https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh chmod u+x install.sh ./install.sh --unattended rm install.sh args: executable: /bin/bash creates: ~/.oh-my-zsh - name: Install Starship # noqa: command-instead-of-module ignore error since we're removing the script after install. become: true ansible.builtin.shell: | wget https://starship.rs/install.sh chmod u+x install.sh ./install.sh --yes rm install.sh args: executable: /bin/bash creates: /usr/local/bin/starship - name: Install zsh-autosuggestions # noqa: command-instead-of-module ignore error since we're removing the script after install. become: true become_user: "{{ target_user }}" ansible.builtin.command: cmd: git clone https://github.com/zsh-users/zsh-autosuggestions ~/.oh-my-zsh/custom/plugins/zsh-autosuggestions creates: ~/.oh-my-zsh/custom/plugins/zsh-autosuggestions - name: Clear "ZSH_THEME" in ~/.zshrc become: true become_user: "{{ target_user }}" ansible.builtin.lineinfile: path: ~/.zshrc regexp: '^ZSH_THEME="[^"]+"$' line: ZSH_THEME="" - name: Add the zsh-autosuggestions plugin in ~/.zshrc become: true become_user: "{{ target_user }}" ansible.builtin.lineinfile: path: ~/.zshrc regexp: '^plugins=\((.*)(?