From e1cdffd6311b2849213952ce7e83a598c6e72f3e Mon Sep 17 00:00:00 2001
From: L3D <l3d@c3woc.de>
Date: Tue, 13 Feb 2024 23:28:41 +0100
Subject: [PATCH] only set ssh keys if explicitly wanted

---
 roles/user/defaults/main.yml      | 3 ++-
 roles/user/tasks/user_ansible.yml | 4 +++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/roles/user/defaults/main.yml b/roles/user/defaults/main.yml
index b05f9db..9844e86 100644
--- a/roles/user/defaults/main.yml
+++ b/roles/user/defaults/main.yml
@@ -2,6 +2,7 @@
 # Create ansible user
 l3d_users_user__create_ansible: true
 l3d_users_user__ansible_user_state: 'present'
-
+l3d_users_user__set_ansible_ssh_keys: false
+l3d_users_user__ansible_ssh_keys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
 # run simple versionscheck
 submodules_versioncheck: false
diff --git a/roles/user/tasks/user_ansible.yml b/roles/user/tasks/user_ansible.yml
index c3871cb..e7257e5 100644
--- a/roles/user/tasks/user_ansible.yml
+++ b/roles/user/tasks/user_ansible.yml
@@ -20,10 +20,12 @@
   ansible.posix.authorized_key:
     user: 'ansible'
     state: "{{ l3d_users_user__ansible_user_state | ternary('present', 'absent') }}"
-    key: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
+    key: "{{ l3d_users_user__ansible_ssh_keys }}"
     exclusive: true
+  when: l3d_users_user__set_ansible_ssh_keys | bool
 
 - name: Add admin keys to user ansible
   become: true
   ansible.builtin.debug:
     msg: "tbd."
+  when: l3d_users_user__set_ansible_ssh_keys