---
# SSH Authorized Keys Configuration
# Manages authorized_keys files across all ubuntu hosts
#
# Usage:
#   ansible-playbook ssh_keys.yml
#
# To override exclusive mode (remove unlisted keys):
#   ansible-playbook ssh_keys.yml -e "ssh_exclusive_mode=true"

# When true, removes any keys not in this list (use with caution!)
ssh_exclusive_mode: false

# List of users and their authorized SSH public keys
# Each user entry requires:
#   - name: username (must exist on target hosts)
#   - keys: list of SSH public key strings
#
# Example:
#   ssh_authorized_users:
#     - name: robert
#       keys:
#         - "ssh-ed25519 AAAAC3Nza... user@host"
#         - "ssh-rsa AAAAB3Nza... another@host"
#     - name: deploy
#       keys:
#         - "ssh-ed25519 AAAAC3Nza... deploy-key"

ssh_authorized_users:
  - name: robert
    keys:
      - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH0xFMMSa1SeMPbX84zJOKWHAT3HtMRuWmNA7GGKr1uw robert@Hercules"
      - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBTcpW11Vb3w1Bi77WCAM5K9Q2vz9MW5PdBpiAIXhjn3 robert@Norma"
  - name: harper
    keys:
      - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOVvIshMkRx1f9m2TTJ1lMHzsaBnuxZdoMFm6hmuzZzo harper@caliban"