Add a gpg role for FreeBSD.

ansible/roles/gpg/files/pcscd.conf

@@ -0,0 +1,8 @@
+attach 100 {
+        device-name "ugen[0-9]+";
+        action "/usr/local/sbin/pcscd -H";
+};
+detach 100 {
+        device-name "ugen[0-9]+";
+        action "/usr/local/sbin/pcscd -H";
+};

ansible/roles/gpg/files/pcscd_rc.conf

@@ -0,0 +1 @@
+pcscd_enable="YES"

ansible/roles/gpg/tasks/freebsd.yaml

@@ -6,7 +6,8 @@
       - ccid
       #      - linux_libusb
       - pinentry
-      - pinentry-qt5    state: present
+      - pinentry-qt5
+    state: present
 
 - name: Create directories
   file:
@@ -20,7 +21,7 @@
 
 - name: Install service configuration
   copy:
-    src: "files/intel_{{ item }}_rc.conf"
+    src: "files/{{ item }}_rc.conf"
     dest: "/etc/rc.conf.d/{{ item }}"
     mode: 0644
     owner: root
@@ -35,7 +36,17 @@
     mode: 0644
     owner: root
     group: wheel
-  notify: restart devd
+  loop:
+    - src: pcscd.conf
+      dest: /usr/local/etc/devd/pcscd.conf
+
+- name: Install devd Configuration
+  copy:
+    src: "files/{{ item.src }}"
+    dest: "{{ item.dest }}"
+    mode: 0644
+    owner: root
+    group: wheel
   loop:
     - src: pcscd.conf
       dest: /usr/local/etc/devd/pcscd.conf

ansible/roles/gpg/tasks/peruser.yaml

@@ -1,26 +1,40 @@
 - include_role:
     name: per_user
 
-# - name: Create directories
+- name: Create gpg config directory
-#   file:
+  file:
-#     name: "{{ account_homedir.stdout }}/{{ item }}"
+    name: "{{ account_homedir.stdout }}/.gnupg"
-#     state: directory
+    state: directory
-#     mode: 0700
+    mode: 0700
-#     owner: "{{ account_name.stdout }}"
+    owner: "{{ account_name.stdout }}"
-#     group: "{{ group_name.stdout }}"
+    group: "{{ group_name.stdout }}"
-#   loop:
-#     - ".config/foo"
 
-# - name: Copy files
+- name: Copy files
-#   copy:
+  copy:
-#     src: "files/{{ item.src }}"
+    src: "files/{{ item.src }}"
-#     dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
+    dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
-#     mode: 0600
+    mode: 0600
-#     owner: "{{ account_name.stdout }}"
+    owner: "{{ account_name.stdout }}"
-#     group: "{{ group_name.stdout }}"
+    group: "{{ group_name.stdout }}"
-#   loop:
+  with_items:
-#     - src: foo.conf
+    - src: gpg.conf
-#       dest: .config/foo/foo.conf
+      dest: .gnupg/gpg.conf
+    - src: gpg-agent.conf
+      dest: .gnupg/gpg-agent.conf
+    - src: scdaemon.conf
+      dest: .gnupg/scdaemon.conf
+
+- name: Check trusted gpg keys
+  command: gpg --list-public-keys --keyid-format LONG
+  register: gpgkeys
+  changed_when: false
+  check_mode: no
+
+- name: Import public key for yubikey
+  command: gpg --import
+  when: '"cv25519/B0B50C7FDDE009E5" not in gpgkeys.stdout'
+  args:
+    stdin: "{{ lookup('file', 'gpg.asc') }}"
 
 - import_tasks: tasks/peruser_freebsd.yaml
   when: 'os_flavor == "freebsd"'

ansible/roles/gpg/tasks/peruser_linux.yaml

@@ -8,38 +8,3 @@
   loop:
     - gpg-agent.socket
     - gpg-agent-ssh.socket
-
-- name: Create gpg config directory
-  file:
-    name: "{{ account_homedir.stdout }}/.gnupg"
-    state: directory
-    mode: 0700
-    owner: "{{ account_name.stdout }}"
-    group: "{{ group_name.stdout }}"
-
-- name: Configure gpg
-  copy:
-    src: "files/{{ item.src }}"
-    dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
-    mode: 0600
-    owner: "{{ account_name.stdout }}"
-    group: "{{ group_name.stdout }}"
-  loop:
-    - src: gpg.conf
-      dest: .gnupg/gpg.conf
-    - src: gpg-agent.conf
-      dest: .gnupg/gpg-agent.conf
-    - src: scdaemon.conf
-      dest: .gnupg/scdaemon.conf
-
-- name: Check trusted gpg keys
-  command: gpg --list-public-keys --keyid-format LONG
-  register: gpgkeys
-  changed_when: false
-  check_mode: no
-
-- name: Import public key for yubikey
-  command: gpg --import
-  when: '"cv25519/B0B50C7FDDE009E5" not in gpgkeys.stdout'
-  args:
-    stdin: "{{ lookup('file', 'gpg.asc') }}"