---

- name: Set Default umask for Users
  lineinfile:
    dest: '/etc/login.defs'
    regexp: "UMASK"
    line: "UMASK 027"
    state: present


- include: xrdp.yml
- include: lightburn.yml
- include: estlcam.yml
- include: slicer.yml
- include: samba.yml


- name: Create tsadmin group
  group: name={{ tsadmin_group }}

- name: Create tsadmin_user
  user: name={{ tsadmin_user }} password={{ tsadmin_pass | password_hash('sha512', tsadmin_salt) }} home=/home/{{ tsadmin_user }} group={{ tsadmin_group }}

- name: Allow 'tsadmin_user' group to have passwordless sudo to other users
  lineinfile:
    dest: /etc/sudoers
    state: present
    regexp: '^{{ tsadmin_user }} ALL=({{ item.value.user }}) NOPASSWD: ALL'
    line: '{{ tsadmin_user }} ALL=({{ item.value.user }}) NOPASSWD: ALL'
    validate: visudo -cf %s
  with_dict:
  - "{{ xrdp_applications }}"

- name: Create tsadmin_user .xsession
  template: src=tsadmin_xsession.j2 dest=/home/{{ tsadmin_user }}/.xsession

- name: Create file cleanup cron
  cron:
    name: "Delete files older than 30 days"
    minute: "0"
    hour: "5"
    job: "find /home/{{ item.value.user }}/data -type f -mtime +30 ! -name \"{{ info_folder_name }}\" -delete"
    user: "{{ item.value.user }}"
  with_dict:
  - "{{ xrdp_applications }}"

- name: Create directory cleanup cron
  cron:
    name: "Delete empty directories"
    minute: "1"
    hour: "5"
    job: "find /home/{{ item.value.user }}/data -type d -empty ! -name \"{{ info_folder_name }}\" -delete"
    user: "{{ item.value.user }}"
  with_dict:
  - "{{ xrdp_applications }}"