From c8fdc4fae954bda107c013c14faeb34b89e5b3f0 Mon Sep 17 00:00:00 2001
From: Felix Stupp
Date: Tue, 22 Dec 2020 22:48:22 +0100
Subject: [PATCH] account: Configure authorized_keys using authorized_key module - also restricts .ssh directory only to user - restriction was automatically applied by authorized_keys module before - more restriction is not harmful - this restriction ensures indempotency while using the authorized_keys module
---
 roles/account/tasks/main.yml | 20 ++++----------------
 1 file changed, 4 insertions(+), 16 deletions(-)
diff --git a/roles/account/tasks/main.yml b/roles/account/tasks/main.yml
index 3bc8cc0..bea1261 100644
--- a/roles/account/tasks/main.yml
+++ b/roles/account/tasks/main.yml
@@ -52,23 +52,11 @@
 group: "{{ username }}"
 mode: "u=rwx,g=rx,o="
 
-- name: Configure ssh configration directory
- file:
- path: "{{ user_directory }}/.ssh"
- state: directory
- owner: "{{ username }}"
- group: "{{ username }}"
- mode: "u=rwx,g=rx,o="
-
 - name: Configure authorized_keys
- get_url:
- url: "{{ authorized_keys }}"
- dest: "{{ user_directory }}/.ssh/authorized_keys"
- force: yes
- owner: "{{ username }}"
- group: "{{ username }}"
- mode: "u=rwx,g=rx,o="
- ignore_errors: yes
+ authorized_key:
+ state: present
+ user: "{{ username }}"
+ key: "{{ authorized_keys }}"
 
 - name: Configure zsh
 become_user: "{{ username }}"
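Review bot: The new `authorized_key` task uses `state: present` without `exclusive`, so it only adds keys: a key that is later removed from the source behind `{{ authorized_keys }}` stays authorized on the host. The removed `get_url` task with `force: yes` rewrote the whole file on each run, so this change silently drops revocation. Adding `exclusive: true` under `authorized_key:` restores that behaviour, provided every wanted key is delivered in the single `key` value. The old task used the variable as `url:`, so it is presumably still a URL; if so it should be an https source, with the module's `validate_certs` left at its default. The module also derives the file location from `user` rather than from `{{ user_directory }}`, so confirm that directory is the account's actual home.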