ceph-ansible/roles/ceph-fetch-keys/tasks/main.yml

---
- name: find ceph keys
  shell: ls -1 /etc/ceph/*.keyring
  changed_when: false
  register: ceph_keys

- name: set keys permissions
  file:
    path: "{{ item }}"
    mode: 0600
    owner: root
    group: root
  with_items:
    - "{{ ceph_keys.stdout_lines }}"

- name: copy keys to the ansible server
  fetch:
    src: "{{ item }}"
    dest: "{{ fetch_directory }}/{{ fsid }}/{{ item }}"
    flat: yes
  run_once: true
  with_items:
    - "{{ ceph_keys.stdout_lines }}"
    - "/var/lib/ceph/bootstrap-osd/{{ cluster }}.keyring"
    - "/var/lib/ceph/bootstrap-rgw/{{ cluster }}.keyring"
    - "/var/lib/ceph/bootstrap-mds/{{ cluster }}.keyring"