From 3bda2373c613a050c081ced7f6cb4d90333cd470 Mon Sep 17 00:00:00 2001
From: The_miro <amir@abdelbaki.eu>
Date: Mon, 27 Apr 2026 16:36:09 +0200
Subject: [PATCH] Add setup/modules/ansible/auto-add-baseuser.sh

---
 setup/modules/ansible/auto-add-baseuser.sh | 30 ++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 setup/modules/ansible/auto-add-baseuser.sh

diff --git a/setup/modules/ansible/auto-add-baseuser.sh b/setup/modules/ansible/auto-add-baseuser.sh
new file mode 100644
index 0000000..0b837d4
--- /dev/null
+++ b/setup/modules/ansible/auto-add-baseuser.sh
@@ -0,0 +1,30 @@
+#!/usr/bin/env bash
+set -e
+
+LOCAL_GROUP="baseusers"
+
+# Ensure local group exists
+if ! getent group "$LOCAL_GROUP" >/dev/null; then
+    groupadd "$LOCAL_GROUP"
+fi
+
+# Detect active user (works for SSH + console)
+CURRENT_USER=$(who | awk '{print $1}' | head -n 1)
+
+if [ -z "$CURRENT_USER" ]; then
+    exit 0
+fi
+
+# Ensure user exists
+if ! id "$CURRENT_USER" >/dev/null 2>&1; then
+    exit 0
+fi
+
+# Check if user is in FreeIPA BaseUser group
+if id "$CURRENT_USER" | grep -q "BaseUser"; then
+
+    # Add to local group if missing
+    if ! id "$CURRENT_USER" | grep -q "$LOCAL_GROUP"; then
+        usermod -aG "$LOCAL_GROUP" "$CURRENT_USER"
+    fi
+fi