- name: system
  blockinfile:
    dest: /etc/ssh/ssh_config
    marker: '# ANSIBLE SSH CONFIG {mark}'
    block: |-
      {% for host in ssh_config_hosts %}
      {% set host_config = ssh_config_hosts[host] %}
      Host {{host}}
      {% if host_config.hostname is defined %}
          HostName {{host_config.hostname}}
      {% endif %}
      {% if host_config.port is defined %}
          Port {{host_config.port}}
      {% endif %}
      {% if host_config.user is defined %}
          User {{host_config.user}}
      {% endif %}
      {% if host_config.key_path is defined %}
          IdentityFile "{{host_config.key_path}}"
      {% endif %}
      {% if host_config.proxy_command is defined %}
          ProxyCommand {{host_config.proxy_command}}
      {% elif host_config.ssh_proxy is defined %}
          ProxyCommand ssh -W localhost:{{host_config.ssh_proxy.port}}
      {%- if host_config.ssh_proxy.user is defined %}
       -o User={{host_config.ssh_proxy.user}}
      {%- endif %}
      {%- if host_config.ssh_proxy.key_path is defined %}
       -o IdentityFile='{{host_config.ssh_proxy.key_path}}'
      {%- endif %}
      {%- if host_config.ssh_proxy.bastion_port is defined %}
       -p {{ host_config.ssh_proxy.bastion_port }}
      {%- endif %}
       {{host_config.ssh_proxy.host}}
      {% endif %}
      {% endfor %}
  become: yes
- name: users
  blockinfile:
    dest: '~/.ssh/config'
    create: yes
    mode: 0600
    marker: '# ANSIBLE SSH CONFIG {mark}'
    block: |-
      {% set hosts = ssh_config_user_hosts[item] %}
      {% for host in hosts %}
      {% set host_config = hosts[host] %}
      Host {{host}}
      {% if host_config.hostname is defined %}
          HostName {{host_config.hostname}}
      {% endif %}
      {% if host_config.port is defined %}
          Port {{host_config.port}}
      {% endif %}
      {% if host_config.user is defined %}
          User {{host_config.user}}
      {% endif %}
      {% if host_config.key_path is defined %}
          IdentityFile "{{host_config.key_path}}"
      {% endif %}
      {% if host_config.ssh_proxy is defined %}
          ProxyCommand ssh -W localhost:{{host_config.ssh_proxy.port}}
      {%- if host_config.ssh_proxy.user is defined %}
       -o User={{host_config.ssh_proxy.user}}
      {%- endif %}
      {%- if host_config.ssh_proxy.key_path is defined %}
       -o IdentityFile='{{host_config.ssh_proxy.key_path}}'
      {%- endif %}
       {{host_config.ssh_proxy.host}}
      {% endif %}
      {% endfor %}
  become: yes
  become_user: '{{item}}'
  with_items: '{{ssh_config_user_hosts}}'