improved users group with ACL

group_vars/all/user_vault.example

@@ -1,10 +0,0 @@
----
-uservault_users:
-  - {
-      name: lorem,
-      groups: sudo,
-      shell: "/bin/bash",
-      password_hash: "$6$lvbzekjvbzejbvzvzvbzvbzhvbzbv....aezrfv/", # the string betwenn the first and second `:` in /etc/shadow
-      ssh_key: "ssh-rsa azrekgnbmoienbzrinoien...aoeuzn user@host",
-      totp: "daeae8ce486f6636d68c37c21ce002" # the hex value
-    }

roles/base_totp/tasks/main.yml

@@ -13,10 +13,10 @@
   lineinfile:
     path: /etc/users.oath
     regexp: "{{ item.name }}"
-    line: "HOTP/T{{ totp_periode }}/{{ totp_digits }} {{ item.name }} - {{item.totp}}"
+    line: "HOTP/T{{ totp_periode }}/{{ totp_digits }} {{ users.key }} - {{ users_dict[users.key].totp }}"
     create: true
     group: root
     owner: root
     mode: '600'
-  loop: "{{ uservault_users }}"
+  loop: "{{ users | dict2items }}"
   no_log: true