# this play requires local ./blockinfile_authorized_keys to be available

- name: maintenance routines for slackware systems
  gather_facts: no
  hosts: xen
  become: "{{become}}"
  tasks:

  - name: authorized_keys for root
    ansible.builtin.blockinfile:
      path: /root/.ssh/authorized_keys
      block: "{{ lookup('file', 'blockinfile_authorized_keys') }}"
      prepend_newline: true
      append_newline: true
      create: true
      mode: 0600
      # TODO also create /root/.ssh/ 700 when absent
    when: "lookup('file', 'blockinfile_authorized_keys') != []"