From a769494bc7a9c16e11c83fddb0935cbe7e526c33 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Krist=C3=B3f=20Torma?= <tormakristof@tormakristof.eu>
Date: Sat, 5 Aug 2023 23:55:38 +0200
Subject: [PATCH] add more checks

---
 roles/realmd/tasks/main.yaml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/roles/realmd/tasks/main.yaml b/roles/realmd/tasks/main.yaml
index 20b47fd..13e9e7e 100644
--- a/roles/realmd/tasks/main.yaml
+++ b/roles/realmd/tasks/main.yaml
@@ -28,12 +28,12 @@
   ansible.builtin.set_fact:
     join_passw: "{{ lookup('env', 'JOIN_PASSW') }}"
   delegate_to: localhost
-  when: checkjoined.found == 0
+  when: found in checkjoined and checkjoined.found == 0
 
 - name: Join to AD with realmd
   ansible.builtin.shell:
     cmd: echo {{ join_passw }} | realm join -v -U tormakris_admin intra.tormakris.dev
-  when: checkjoined.found == 0
+  when: found in checkjoined and checkjoined.found == 0
 
 - name: Enable pam homedir create on first logon
   ansible.builtin.command:
@@ -53,7 +53,7 @@
     state: present
     path: /etc/sssd/sssd.conf
     line: "ad_gpo_access_control = disabled"
-  when: checkadgpoac.found == 0
+  when: found in checkadgpoac and checkadgpoac.found == 0
 
 - name: Check if ad_access_filter is set
   ansible.builtin.lineinfile:
@@ -69,7 +69,7 @@
     state: present
     path: /etc/sssd/sssd.conf
     line: "ad_access_filter = memberOf=CN=LinuxUsers,OU=Service Groups,DC=intra,DC=tormakris,DC=dev"
-  when: checkadaf.found == 0
+  when: found in checkadaf and checkadaf.found == 0
 
 - name: "Restart sssd"
   ansible.builtin.service:
@@ -90,5 +90,5 @@
     state: present
     path: /etc/sudoers
     line: "%linuxadmins@intra.tormakris.dev ALL=(ALL) NOPASSWD: ALL"
-  when: checksudoers.found == 0
+  when: found in checksudoers and checksudoers.found == 0
 ...