infra/roles/.common/tasks/peering/setup_peer.yml


# Create the local login account for one peer, with its home under /home/peers.
# `item` is not defined in this file; presumably this task list is included
# once per peer by a loop in the calling play - confirm against the caller.
# NOTE(review): the account gets an interactive /bin/bash shell, so unless the
# key authorised for it carries restrictions, the peer has a normal shell login.
# NOTE(review): item.name is also interpolated into filesystem paths; peer
# names should be validated where the peer list is defined.
- name: common-peering-remote-account
  user:
    name: "{{ item.name }}"
    home: "/home/peers/{{ item.name }}"
    createhome: true
    skeleton: /etc/skel
    shell: /bin/bash
    system: false
    state: present
# Authorise the peer's public key: make sure the key line is present in the
# account's authorized_keys, creating the file if it does not exist yet.
# NOTE(review): no owner/group/mode is set, so a newly created file takes them
# from the user running the task and its umask - verify the result passes
# sshd's StrictModes checks and is writable only by the intended owner.
# NOTE(review): lines are only ever added here; a key that is later replaced in
# the peer definition stays authorised until it is removed by other means.
- name: common-peering-remote-key
  lineinfile:
    create: true
    path: "/home/peers/{{ item.name }}/.ssh/authorized_keys"
    line: "{{ item.client_key }}"
# TODO: add options in authorized_keys to restrict the account to SCP, e.g.
#   no-port-forwarding,no-pty,command="scp source target" ssh-dss ...
#   Until then the line is written exactly as supplied in item.client_key and
#   no restricting options are added by this task. (ssh-dss in the example is
#   the DSA key type, which current OpenSSH no longer accepts by default.)
# TODO: chroot
# Pin the peer's SSH host key for the local `self` account by adding a
# "<name> <key>" entry to its known_hosts, creating the file if needed.
# NOTE(review): item.name is used as the host field - presumably the peer name
# equals the hostname that `self` connects to; confirm against the caller.
# NOTE(review): there is no regexp, so a changed server_key is added as a
# second line and the previous key for that name remains trusted.
# NOTE(review): no owner/group/mode is set; a newly created file takes them
# from the user running the task and its umask.
- name: common-peering-remote-known
  lineinfile:
    line: "{{ item.name }} {{ item.server_key }}"
    path: /home/peers/self/.ssh/known_hosts
    create: true