---

- name: Ensure working directory exists
  file:
    path: "{{ ssh_ca_dir }}"
    state: directory

- name: Copy script
  template:
    src: templates/ssh_ca.sh.j2
    dest: "{{ ssh_ca_dir }}/ssh_ca.sh"
    mode: 755

- name: Create keys directory
  file:
    path: "{{ ssh_ca_dir }}/keys"
    state: directory

- name: Copy user CA private key
  copy:
    dest: "{{ ssh_ca_dir }}/keys/user_ca"
    content: "{{ ssh_ca_user_ca_private_key }}"
    mode: 600

- name: Copy host CA private key
  copy:
    dest: "{{ ssh_ca_dir }}/keys/host_ca"
    content: "{{ ssh_ca_host_ca_private_key }}"
    mode: 600

- name: Copy user CA public key
  copy:
    dest: "{{ ssh_ca_dir }}/keys/user_ca.pub"
    content: "{{ ssh_ca_user_ca_public_key }}"
    mode: 644

- name: Copy host CA public key
  copy:
    dest: "{{ ssh_ca_dir }}/keys/host_ca.pub"
    content: "{{ ssh_ca_host_ca_public_key }}"
    mode: 644