---

- hosts:
    - servers
    - desktops
    - laptops
  remote_user: root
  roles:
    - name: users

# - hosts: desktops:laptops
#   remote_user: root
#   tasks:
#     - name: /etc/ssh/ssh_config
#       template:
#         src: ssh_config.j2
#         dest: /etc/ssh/ssh_config
#     - name: ssh known hosts
#       known_hosts:
#         name: "{{item}}"
#         key: "{{item}},{{hostvars[item].ansible_default_ipv4.address}} {{hostvars[item].ansible_ssh_host_key_ed25519_public_keytype}} {{hostvars[item].ansible_ssh_host_key_ed25519_public}}"
#         path: /etc/ssh/ssh_known_hosts
#       loop: "{{groups.servers}}"

- hosts:
    - servers
  remote_user: root
  tasks:

    - name: authorize ssh public keys
      authorized_key:
        user: "{{item.name}}"
        key: "{{item.ssh_public_key}}"
      loop: "{{ hostvars | json_query(\"*.user_ssh_keys_info.results[]\") }}"
      loop_control:
        label: "{{ item.name }}"
      tags:
        - users