Add task to copy generated keys to repo

playbooks/update-local-users.yml

@@ -38,9 +38,9 @@
 
     - name: Create local user accounts
       tags: users_create
+      become: true
       block:
         - name: Create groups
-          become: true
           group:
             name: "{{ item }}"
             state: present
@@ -49,7 +49,6 @@
             - omni
 
         - name: Create users
-          become: true
           user:
             name: "{{ item.name }}"
             comment: "{{ item.fullname | default('') }}"
@@ -64,6 +63,17 @@
           with_items:
             - "{{ local_users | difference([None]) }}"
 
+        - name: Copy new keys
+          when: generate_keys|bool == true
+          fetch:
+            dest: "{{ playbook_dir + '/keys/' + item.name + '/' + inventory_hostname + '.pub' if item.name != 'root' and item.name != 'ansible' else '/dev/null' }}"
+            flat: yes
+            fail_on_missing: no
+            src: /home/{{ item.name }}/.ssh/id_rsa.pub
+            validate_checksum: no
+          with_items:
+            - "{{ local_users | difference([None]) }}"
+
     - name: Delete users that have been removed
       tags: users_delete
       block: