---
- name: Add SSH key from Gitea
  hosts: all
  become: true

  tasks:
    - name: Ensure .ssh directory exists
      file:
        path: "/home/{{ username }}/.ssh"
        state: directory
        owner: "{{ username }}"
        group: "{{ username }}"
        mode: '0700'

    - name: Add public key from Gitea to authorized_keys
      ansible.posix.authorized_key:
        user: "{{ username }}"
        key: "https://gitea.purpleraft.com/{{ username }}.keys"
        state: present
        manage_dir: false  # we already ensured it