- name: Check if node has a key
  ansible.builtin.stat:
    path: /root/.ssh/id_rsa.pub
  register: key_check

- name: Generate an OpenSSH keypair
  community.crypto.openssh_keypair:
    path: /root/.ssh/id_rsa
  when: not key_check.stat.exists

- name: Fetch keys to local machine
  ansible.builtin.fetch:
    src: /root/.ssh/id_rsa.pub
    dest: /tmp/fetched_keys/

- name: Copy keys
  ansible.builtin.copy:
    src: /tmp/fetched_keys
    dest: /tmp
    mode: "0644"

- name: Add key to authorized_keys
  ansible.posix.authorized_key:
    user: root
    state: present
    key: "{{ lookup('file', '/tmp/fetched_keys/' + item + '/root/.ssh/id_rsa.pub') }}"
  loop: "{{ groups['nodes'] }}"

- name: Add key to known_hosts
  ansible.builtin.known_hosts:
    path: /root/.ssh/known_hosts
    name: "ganeti-{{ groups['nodes'].index(item) + 1 }}.ganeti"
    key: "ganeti-{{ groups['nodes'].index(item) + 1 }}.ganeti {{ lookup('file', '/tmp/fetched_keys/' + item + '/root/.ssh/id_rsa.pub') }}"
    state: present
  loop: "{{ groups['nodes'] }}"