- name: Ajout de l'utilisateur site_SIGLE_SITE
  ansible.builtin.user:
    name: "site_{{ SIGLE }}_{{ SITE }}"
    home: "/home/sites/data/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}"
    shell: /bin/false
    groups: www-data
    system: true
    append: true
    create_home: false
    password: '!'

- name: Boucle d'ajout d'user dans le groupe site_SIGLE_SITE
  ansible.builtin.user:
    name: "{{ item }}"
    groups: "site_{{ SIGLE }}_{{ SITE }}"
    append: true
  loop:
    - 'www-data'
    - 'backup' # pour borgmatic

- name: Boucle création ou modifications des répertoires home du site
  ansible.builtin.file:
    path: "{{ item.path }}"
    state: "{{ item.state }}"
    owner: "{{ item.owner }}"
    group: "{{ item.group }}"
    mode: "{{ item.mode }}"
  vars: 
    concat: "site_{{ SIGLE }}_{{ SITE }}"
  loop_control:
    label: "{{ item.path }}"
  loop:
    - path: "/home/sites/data/{{ TLD }}"
      state: directory
      owner: 'root'
      group: 'www-data'
      mode: '3751'
    - path: "/home/sites/data/{{ TLD }}/{{ DOMAIN }}"
      state: directory
      owner: 'root'
      group: 'www-data'
      mode: '2751'
    - path: "/home/sites/data/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}"
      state: directory
      owner: "{{ ( SITE in ['www','WP'] ) | ternary ( concat , 'root' ) }}"
      group: "site_{{ SIGLE }}_{{ SITE }}"
      mode: '2750'