ansible-role-users/tasks/ssh.yml

---

- name: ssh_key
  user:
    name: "{{ item }}"
    generate_ssh_key: yes
    ssh_key_type: ed25519
  with_items: "{{ users.keys() }}"

- name: ssh directory
  file:
    path: "{{ users[item].home | default('/home/'+item) }}/.ssh"
    owner: "{{ item }}"
    group: "{{ item }}"
    mode: "700"
    state: directory
  with_items: "{{ users.keys() }}"

- name: ssh authorized keys
  template:
    src: ssh_authorized_keys.j2
    dest: "{{ users[item].home | default('/home/'+item) }}/.ssh/authorized_keys"
    owner: "{{ item }}"
    group: "{{ item }}"
  with_items: "{{ users.keys() }}"
  when: users[item].ssh_authorized_keys is defined