- name: create administrator
  user:
    name: administrator
    update_password: on_create
    password: "{{ user_administrator_initial_password | password_hash('sha512') }}"
    create_home: yes
    generate_ssh_key: yes
    ssh_key_type: rsa
    ssh_key_bits: 8192
  when: run_once_user_administrator is not defined

- name: "set correct rights for {{path_administrator_home}}"
  file:
    path: "{{path_administrator_home}}"
    state: directory
    owner: administrator
    group: administrator
    mode: 0700
  when: run_once_user_administrator is not defined

- name: "create {{path_administrator_scripts}}"
  file:
    path: "{{path_administrator_home}}scripts"
    state: directory
    owner: administrator
    group: administrator
    mode: 0700
  when: run_once_user_administrator is not defined
    
- name: create {{path_administrator_home}}.ssh/authorized_keys
  copy:
    src: "{{ inventory_dir }}/files/{{ inventory_hostname }}{{path_administrator_home}}.ssh/authorized_keys"
    dest: "{{path_administrator_home}}.ssh/authorized_keys"
    owner: administrator
    group: administrator
    mode: '0644'
  when: run_once_user_administrator is not defined

- name: grant administrator sudo rights with password
  copy:
    src: "administrator"
    dest: /etc/sudoers.d/administrator
    mode: '0644'
    owner: root
    group: root
  notify: sshd restart
  when: run_once_user_administrator is not defined

- name: "create {{path_administrator_home}}volumes/"
  file:
    path: "{{path_administrator_home}}volumes"
    state: directory
    owner: administrator
    group: administrator
    mode: 0700
  when: run_once_user_administrator is not defined

- name: run the user_administrator tasks once
  set_fact:
    run_once_user_administrator: true
  when: run_once_user_administrator is not defined