From 0a32383de311d8986869cd914a750968a188e6b7 Mon Sep 17 00:00:00 2001
From: Peter <peter@pfoe.be>
Date: Fri, 15 Aug 2025 22:48:55 +0200
Subject: [PATCH] add ssh key option for apps

This way we can push ssh keys that can pull/push to repositories.  This
is very handy if we wish to edit/maintain the appinfo repository right
on the server where it is hosted....
---
 roles/ppm/tasks/oneapp.yml | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/roles/ppm/tasks/oneapp.yml b/roles/ppm/tasks/oneapp.yml
index fe89ffe..ccfa54c 100644
--- a/roles/ppm/tasks/oneapp.yml
+++ b/roles/ppm/tasks/oneapp.yml
@@ -19,6 +19,23 @@
     line: "export XDG_RUNTIME_DIR=/run/user/$(id -u)"
     regexp: ^export XDG_RUNTIME_DIR=
 
+- name: "Ensure ssh configuration directory for user {{ ppm_app.user }}"
+  ansible.builtin.file:
+    state: directory
+    mode: "0700"
+    path: "{{ ppm_app_user.home }}/.ssh"
+    owner: "{{ ppm_app_user.name }}"
+    group: "{{ ppm_app_user.group }}"
+
+- name: "Place ssh key for user {{ ppm_app.user }}"
+  ansible.builtin.copy:
+    src: "{{ ppm_app.sshkey }}"
+    mode: "0600"
+    dest: "{{ ppm_app_user.home }}/.ssh/id_rsa"
+    owner: "{{ ppm_app_user.name }}"
+    group: "{{ ppm_app_user.group }}"
+  when: ppm_app.sshkey is defined
+
 - name: "Place configuration ({{ ppm_app.user }})"
   ansible.builtin.copy:
     content: "{{ ppm_app.appconfig | dict2items | selectattr('key', 'ne', 'code') | items2dict | to_nice_yaml }}"