ssh-copy-id.yml

#!/usr/bin/env ansible-playbook
# Then ./ssh-copy-id.yml -i $ANSIBLE_INVENTORY -k
---

- name: Distribute public ssh-key to ansible inventory
  hosts: all:!localhost:!bastion
  become: false
  gather_facts: false

  tasks:
    - name: Get home_dir from $HOME
      delegate_to: localhost
      run_once: true
      ansible.builtin.set_fact:
        home_dir: "{{ lookup('env', 'HOME') }}"

    - name: Selecting public key file
      delegate_to: localhost
      run_once: true
      ansible.builtin.set_fact:
        pub_key: "{{ item }}"
      with_first_found:
        - "{{ home_dir }}/.ssh/authorized_keys"
        - "{{ home_dir }}/.ssh/id_ed25519.pub"

    - name: Gather facts
      ansible.builtin.setup:
        filter: ansible_env

    - name: Add authorized keys taken from file
      ansible.posix.authorized_key:
        user: "{{ ansible_env['USER'] }}"
        state: present
        key: "{{ lookup('file', pub_key) }}"
        exclusive: false