- name: Make user
  user:
    name: "{{ f2b_user }}"
    comment: "{{ me.user }}"
    shell: /home/{{ f2b_user }}/f2b-entrypoint.sh
    system: false
  become: true

- name: Give user sudo access to client
  lineinfile:
    path: /etc/sudoers
    line: "{{ f2b_user }} ALL=(ALL) NOPASSWD: /usr/bin/fail2ban-client"
  become: true

- name: Allow custom shell
  lineinfile:
    path: /etc/shells
    line: /home/{{ f2b_user }}/f2b-entrypoint.sh
  become: true

- name: Create entrypoint
  template:
    src: files/f2b-entrypoint.sh
    dest: /home/{{ f2b_user }}/f2b-entrypoint.sh
    mode: "755"
  become: true
  register: sshd_config

- name: Set up authorized keys
  ansible.posix.authorized_key:
    user: "{{ f2b_user }}"
    state: present
    key: "{{ lookup('file', 'files/f2b_key.pub') }}"
  become: true