Added initial deploy_sshkeys.yml

playbooks/deploy_sshkeys.yml

@@ -0,0 +1,25 @@
+---
+- name: Deploy SSH Keys to Linux Hosts
+  hosts: linux_hosts:proxmox_cluster:proxmox_hosts:xcpng_hosts
+  gather_facts: false
+  become: true
+  vars:
+    # Ensure the slug is passed from your onboarding script or Semaphore env
+    client_slug: "myclient"
+    public_key_path: "/root/.ssh/client_{{ client_slug }}.pub"
+
+  tasks:
+    - name: Ensure .ssh directory exists
+      ansible.builtin.file:
+        path: "~{{ ansible_user }}/.ssh/"
+        state: directory
+        owner: "{{ ansible_user }}"
+        group: "{{ ansible_user }}"
+        mode: '0700'
+
+    - name: Deploy public SSH key
+      ansible.posix.authorized_key:
+        user: "{{ ansible_user }}"
+        state: present
+        # Use lookup to read the local key file on the Semaphore server
+        key: "{{ lookup('file', public_key_path) }}"