From a7a20cb238ebe6850e97bf953a90a9c5089ff1e2 Mon Sep 17 00:00:00 2001
From: Rene Mewissen <rene@tantooine.myfirewall.org>
Date: Wed, 23 Nov 2022 10:18:23 +0100
Subject: [PATCH] add backup ssh key to root user, if host role is backup

---
 roles/base/tasks/users/root.yml | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/roles/base/tasks/users/root.yml b/roles/base/tasks/users/root.yml
index b7e080e..f02c99e 100644
--- a/roles/base/tasks/users/root.yml
+++ b/roles/base/tasks/users/root.yml
@@ -24,6 +24,17 @@
   with_file:
     - public_keys/backup_ed25519.pub
 
+- name: users | root | install private ssh keys for backup
+  copy:
+    dest: "{{ ansible_user_dir }}/.ssh/"
+    src: "{{ item }}"
+    owner: "{{ ansible_user_id }}"
+    group: "{{ ansible_user_id }}"
+    mode: '0600'
+  loop:
+    - "private_keys/backup_ed25519"
+  when: "'backup' is in role_names"
+
 - name: users | {{ user }} | getent user home directory
   getent:
     database: passwd
@@ -33,7 +44,8 @@
 
 - name: users | root | copy ~/validate-rsync.sh
   copy:
-    dest: "{{ getent_passwd[user][4] }}/validate-rsync.sh"
+    #dest: "{{ getent_passwd[user][4] }}/validate-rsync.sh"
+    dest: "{{ ansible_user_dir }}/validate-rsync.sh"
     src: "system_setup/validate-rsync.sh"
     mode: "0744"