#!/bin/bash
# {{ ansible_managed }}
# Installs the Anbible management public ssh key on this host.

{% set pubkey = lookup('env', 'HOME')+"/.ssh/id_ansible@"+software.environment+".pub" -%}
{% set keydata = lookup('file', pubkey) -%}
SSH_DIR="${HOME}/.ssh"
NAME="ansible@{{ software.environment }}"
AUTHORIZED_KEYS="${SSH_DIR}/authorized_keys"
NEW_AUTHORIZED_KEYS="${AUTHORIZED_KEYS}..SWAP$$"
BACKUP_AUTHORIZED_KEYS="${AUTHORIZED_KEYS}.old"
#KEY_DATA='from="{{ ip.ansible[segment.mgmt.network].address }}" {{ keydata }}'
KEY_DATA='{{ keydata }}'

mkdir -p $SSH_DIR
touch $AUTHORIZED_KEYS
echo "Remove ${NAME} from existing authorized keys"
cat $AUTHORIZED_KEYS | grep -v \ ${NAME}$ > $NEW_AUTHORIZED_KEYS
echo "Add fresh ansible public key to the authorized keys"
echo $KEY_DATA >> $NEW_AUTHORIZED_KEYS
echo "Install the new authorized keys"
mv $NEW_AUTHORIZED_KEYS $AUTHORIZED_KEYS
cp $AUTHORIZED_KEYS $BACKUP_AUTHORIZED_KEYS