---
- name: Create groups
  ansible.builtin.group:
    name: "{{ item }}"
    state: present
  loop: "{{ users_default_groups }}"

- name: Create users
  ansible.builtin.user:
    name: "{{ item.name }}"
    groups: "{{ item.groups | default([]) | join(',') or omit }}"
    append: "{{ True if (item.groups | default([]) | length > 0) else False }}"
    password: "{{ item.password | password_hash('sha512',65534 | random(seed=inventory_hostname) | string) if item.password is defined else '*' }}"
    password_expire_min: "{{ item.password_expire_min | default(users_pass_min_day) }}"
    shell: "{{ item.shell | default('/bin/bash') }}"
  loop: "{{ users_default_users }}"
  loop_control:
    label: "{{ item.name }}"