---
- name: Check if user has ~/.ssh/config
  stat:
    path: "/home/{{ item.name }}/.ssh/config"
  with_items: "{{ users }}"
  register: sshconfig


- name: Create ~/.ssh/config when absent
  file:
    path: "/home/{{ item.item.name }}/.ssh/config"
    owner: "{{ item.item.name }}"
    group: "{{ item.item.name }}"
    mode: 0600
    state: touch
  when: item.stat.exists == False and item.item.state == "present"
  with_items:
    - "{{ sshconfig.results }}"
  no_log: True


- name: CHECK VARS
  debug:
    msg: "{{ item.1 }}"
  with_subelements:
    - "{{ users }}"
    - ssh_config
    - skip_missing: true
  when: item.0.state == "present"

- name: Configure ~/.ssh/config
  blockinfile:
    #path: "/home/{{ item.0.name  }}/.ssh/config"
    path: "/home/{{ item.name  }}/.ssh/config"
    #owner: "{{ item.0.name }}"
    owner: "{{ item.name }}"
    #group: "{{ item.0.name }}"
    group: "{{ item.name }}"
    mode: 0600
    marker: "# {mark} ANSIBLE MANAGED BLOCK"
    content: |
      {% for host in groups['all'] -%} 
      Host {{ hostvars[host]['ansible_hostname'] }}
          Hostname {{ hostvars[host]['inventory_hostname'] }}
          RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent
          RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh
      {% for item in item.ssh_config %}
          {{ item.line }}
      {% endfor %}
      {% endfor %}
  with_items:
    - "{{ users }}"
    - skip_missing: true
  when: item.ssh_config is defined and item.state == "present"

#- name: Configure ~/.ssh/config
#  blockinfile:
#    path: "/home/{{ item.0.name  }}/.ssh/config"
#    owner: "{{ item.0.name }}"
#    group: "{{ item.0.name }}"
#    mode: 0600
#    marker: "# {mark} ANSIBLE MANAGED BLOCK"
#    content: |
#      {% for host in groups['all'] -%} 
#      Host {{ hostvars[host]['ssh_short_name'] }}
#          Hostname {{ hostvars[host]['inventory_hostname'] }}
#          RemoteForward /home/{{ item.0.name }}/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent
#          RemoteForward /home/{{ item.0.name }}/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh
#      {% for k,v  in item.1.items() %}
#      {% if k|lower != "host" and k|lower != "hostname" %}
#          {{k}} {{v}}
#      {% endif %}
#      {% endfor %}
#      {% endfor %}
#  with_dict:
#    - "{{ users }}"
#    - skip_missing: true
#  when: item.0.state == "present"