- hosts: proxmox_all_lxc
  remote_user: root
  tasks:
  - name: Install sssd
    package: 
      name: 
      - sssd
      - sssd-tools
      - libnss-sss
      - libpam-sss
      - libsss-sudo
      - sudo
      state: latest
  
  - name: Create sssd.conf
    copy: 
      src: /home/ansible/playbooks/contents/sssd.conf
      dest: /etc/sssd/sssd.conf
      mode: '0600'
      owner: root
      group: root

  - name: Start sssd
    service: 
      name: sssd
      state: restarted
  
  - name: Update PAM
    shell: 
      cmd: pam-auth-update --enable mkhomedir

  - name: Create sudoers file
    file:
      path: /etc/sudoers.d/unix_admin
      state: touch
      mode: '0440'
  
  - name: Add unix_admin to sudoers
    community.general.sudoers:
      name: unix_admin
      state: present
      group: unix_admin
      commands: ALL

  - name: Edit sshd_config - AuthorizedKeysCommand
    lineinfile: 
      path: /etc/ssh/sshd_config
      search_string: 'AuthorizedKeysCommand'
      line: AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys

  - name: Edit sshd_config - AuthorizedKeysCommand
    lineinfile: 
      path: /etc/ssh/sshd_config
      search_string: 'AuthorizedKeysCommandUser'
      line: AuthorizedKeysCommandUser nobody

  - name: Restart ssh
    service: 
      name: ssh
      state: restarted