Added initial deploy_sshkeys.yml

inventories/clients/voice1/hosts.yml

@@ -1,7 +1,7 @@
 ---
 all:
   vars:
-    client_id: "v1-V1-001"
+    client_id: "V1-001"
     client_name: "VOICE1 Servers"
     billing_model: "hybrid"
     maintenance_window_start: "02:00"
@@ -23,8 +23,8 @@ all:
         api_host: 10.189.42.22
         api_port: 8006
         api_user: "ansible@pve"
-        api_token_id: "ansible-token"
-        api_token_secret: "02668150-9ee3-49fa-ab2c-f3389d0639db"
+        api_token_id: ""
+        api_token_secret: ""
         cluster_mode: cluster
         ceph_enabled: true
         shared_storage: false

playbooks/deploy_sshkeys.yml

@@ -0,0 +1,25 @@
+---
+- name: Deploy SSH Keys to Linux Hosts
+  hosts: linux_hosts:proxmox_cluster:proxmox_hosts:xcpng_hosts
+  gather_facts: false
+  become: true
+  vars:
+    # Ensure the slug is passed from your onboarding script or Semaphore env
+    client_slug: "myclient"
+    public_key_path: "/root/.ssh/client_{{ client_slug }}.pub"
+
+  tasks:
+    - name: Ensure .ssh directory exists
+      ansible.builtin.file:
+        path: "~{{ ansible_user }}/.ssh/"
+        state: directory
+        owner: "{{ ansible_user }}"
+        group: "{{ ansible_user }}"
+        mode: '0700'
+
+    - name: Deploy public SSH key
+      ansible.posix.authorized_key:
+        user: "{{ ansible_user }}"
+        state: present
+        # Use lookup to read the local key file on the Semaphore server
+        key: "{{ lookup('file', public_key_path) }}"