#!/bin/bash

set -e

test_mode=0
if [ $# -gt 0 ]; then
	test_mode=1
fi

skip_list="{{ skip_list | join(" ") }}"

userlist=""
for u in $(awk -F: '($7 !~ "/sbin/nologin" && $7 !~ "/bin/false"){print $1 ":" $3 ":" $7}' /etc/passwd); do
	username=`echo $u | cut -d: -f1`
	uid=`echo $u | cut -d: -f2`
	shell=`echo $u | cut -d: -f3`
	if [ "$username" == "root" ]; then
		continue
	fi
	if [ "x$skip_list" != "x" ]; then
		if echo "$skip_list" | grep -qw "$username"; then
			continue
		fi
	fi
	if [ $uid -ge {{ min_uid }} -a "$username" != "nobody" ]; then
		continue
	fi
	if [ "$shell" == "/sbin/nologin" ]; then
		continue
	fi
	if [ $test_mode -eq 0 ]; then
		usermod --shell /sbin/nologin "$username"
	fi
	if [ "x$userlist" == "x" ]; then
		userlist="\"$username\""
	else
		userlist="$userlist,\"$username\""
	fi
done
if [ "x$userlist" == "x" ]; then
	echo "{\"changed\": false}"
else
	echo "{\"changed\": true, \"users\": [$userlist]}"
fi

