---
- hosts: beaker.n39.eu
  become: true

  vars:
    ansible_python_interpreter: /usr/bin/python3

  roles:

  tasks:

    - name: enable proxmox gui login for admin users
      ansible.builtin.lineinfile:
        path: /etc/pve/user.cfg
        regexp: "^user:{{ item.logname }}@pam"
        insertafter: "^user:"
        line: "user:{{ item.logname }}@pam:1:0:::{{ item.email }}:::"
        state: present
      loop: "{{ users }}"

    - name: configure proxmox admin group
      ansible.builtin.lineinfile:
        path: /etc/pve/user.cfg
        regexp: "^group:Admins:"
        # group:Admins:kwasir@pam,lespocky@pam,tux@pam::
        line: "group:Admins:{{ users | map(attribute = 'logname') | join(\"@pam,\") }}@pam::"

  handlers: