---
- name: borg_server - create group
  group:
    name: "{{ borgbackup_server_group }}"
    state: present

- name: borg_server - create user
  user:
    name: "{{ borgbackup_server_user }}"
    group: "{{ borgbackup_server_group }}"
    groups:
    home: "{{ borgbackup_server_home }}"
    createhome: yes
    shell: /bin/bash
    state: present

- name: borg_server - manage permissions
  file:
    path: "{{ item }}"
    owner: "{{ borgbackup_server_user }}"
    group: "{{ borgbackup_server_group }}"
    mode: 0700
    state: directory
  with_items:
    - "{{ borgbackup_server_home }}"
    - "{{ borgbackup_server_home }}/.ssh"
    - "{{ borgbackup_server_pool }}"

- name : borg_server - create authorized_keys
  stat:
    path: "{{ borgbackup_server_home }}/.ssh/authorized_keys"
  register: authorized_keys

- name: borg_server - manage permissions for authorized_keys
  file:
    path: "{{ borgbackup_server_home }}/.ssh/authorized_keys"
    owner: "{{ borgbackup_server_user }}"
    group: "{{ borgbackup_server_group }}"
    mode: 0600
    state: '{{ "file" if  authorized_keys.stat.exists else "touch" }}'