Add the per-user common role.

ansible/roles/per_user/tasks/main.yml

@@ -0,0 +1,33 @@
+- name: account $HOME
+  shell: "echo $HOME"
+  register: account_homedir
+  changed_when: false
+  check_mode: no
+
+- name: account name
+  command: id -un
+  register: account_name
+  changed_when: false
+  check_mode: no
+
+- name: group name
+  command: id -gn
+  register: group_name
+  changed_when: false
+  check_mode: no
+
+- name: Create directories
+  file:
+    name: "{{ account_homedir.stdout }}/{{ item }}"
+    state: directory
+    mode: 0700
+    owner: "{{ account_name.stdout }}"
+    group: "{{ group_name.stdout }}"
+  loop:
+    - .ansible_deploy
+
+- include: tasks/peruser_freebsd.yaml
+  when: 'os_flavor == "freebsd"'
+
+- include: tasks/peruser_linux.yaml
+  when: 'os_flavor == "linux"'

ansible/roles/per_user/tasks/peruser_linux.yaml

@@ -0,0 +1,9 @@
+- name: Create directories
+  file:
+    name: "{{ account_homedir.stdout }}/{{ item }}"
+    state: directory
+    mode: 0700
+    owner: "{{ account_name.stdout }}"
+    group: "{{ group_name.stdout }}"
+  loop:
+    - .config/systemd/user # user unit files

ansible/roles/zsh/tasks/linux.yaml

@@ -6,3 +6,12 @@
       - git
       - python-jmespath # Needed on machine running ansible for json_query
     state: present
+
+- include_tasks:
+    file: tasks/peruser.yaml
+    apply:
+      become: yes
+      become_user: "{{ initialize_user }}"
+  loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].key') }}"
+  loop_control:
+    loop_var: initialize_user