From ea726b9777534b1bbad60d39c05430f78b2fd898 Mon Sep 17 00:00:00 2001
From: Tobias Hachmer <tobias@hachmer.de>
Date: Mon, 17 Sep 2018 13:45:55 +0200
Subject: [PATCH] Move generation of ssh keys from role prerequisites to role
 users - let handle the user module this

---
 roles/prerequisites/tasks/main.yml | 5 -----
 roles/users/tasks/main.yml         | 2 ++
 roles/users/vars/main.yml          | 2 ++
 3 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/roles/prerequisites/tasks/main.yml b/roles/prerequisites/tasks/main.yml
index 187c0c4..6a2e185 100755
--- a/roles/prerequisites/tasks/main.yml
+++ b/roles/prerequisites/tasks/main.yml
@@ -18,8 +18,3 @@
 - name: Test root access for admin account
   command: "true"
   changed_when: False
-
-- name: Generate SSH keys
-  shell: "ssh-keygen -b 4096 -t rsa -f /home/admin/.ssh/id_rsa -q -N '' -C '{{ inventory_hostname_short }}'"
-  args:
-    creates: /home/admin/.ssh/id_rsa
diff --git a/roles/users/tasks/main.yml b/roles/users/tasks/main.yml
index 6bd26f1..09d4ee1 100644
--- a/roles/users/tasks/main.yml
+++ b/roles/users/tasks/main.yml
@@ -10,6 +10,8 @@
     comment: "{{ item.comment }}"
     shell: "{{ item.shell }}"
     home: "{{ item.home }}"
+    generate_ssh_key: "{{ item.generate_ssh_key }}"
+    ssh_key_bits: "{{ item.ssh_key_bits }}"
     state: "{{ item.state }}"
   loop: "{{ system_users }}"
 
diff --git a/roles/users/vars/main.yml b/roles/users/vars/main.yml
index 77cc653..58fcc32 100644
--- a/roles/users/vars/main.yml
+++ b/roles/users/vars/main.yml
@@ -6,6 +6,8 @@ system_users:
     home: "/home/admin"
     state: "present"
     ssh_keys: "{{ ssh_keys_admin_team }}"
+    generate_ssh_key: "yes"
+    ssh_key_bits: 4096
 
 admin_users: