---
- name: Create dot-SSH directory for monitoring user
  file:
    path: "{{ monitored_homedir }}/.ssh/"
    state: directory
    owner: "{{ monitored_user }}"
    group: "{{ monitored_group }}"
    mode: 0700

- name: Copy SSH authorized_keys for monitoring user
  authorized_key:
    user: "{{ monitored_user }}"
    key: "{{ lookup('file', item) }}"
    key_options: 'no-agent-forwarding,no-port-forwarding,no-X11-forwarding,no-pty{% if monitored_ssh_key_wrapper %},command="{{ monitored_ssh_key_wrapper }}"{% endif %}'
  with_items: monitored_ssh_key_files

- name: Copy SSH wrapper
  copy:
    src: "{{ monitored_ssh_key_wrapper_src }}"
    path: "{{ monitored_ssh_key_wrapper }}"
    mode: 0755
  when: monitored_ssh_key_wrapper_src