---
- name: create group 'woodpecker'
  group:
    name: woodpecker
    gid: 502

- name: create user 'woodpecker'
  user:
    name: woodpecker
    uid: 502
    group: woodpecker
    home: /var/lib/woodpecker
    password: "*"  # disabled password but can be accessed with SSH
    groups:
      - deploy
    append: true

- name: additional groups to woodpecker
  user:
    name: woodpecker
    groups: "{{item}}"
    append: true
  when: item in ansible_facts.getent_group
  with_items:
    - docker

- name: make sure woodpecker owns its home
  file:
    state: directory
    path: /var/lib/woodpecker
    owner: woodpecker
    group: woodpecker
    mode: '2755'

- name: commit woodpecker's home to lbu
  lbu:
    include:
      - /var/lib/woodpecker
    exclude:
      - /var/lib/woodpecker/.ash_history
  when: ansible_distribution == "Alpine" and alpine_mode in ["diskless", "data"]