From 87570eba793434584c55a77911e6c2e96c3711b8 Mon Sep 17 00:00:00 2001
From: Tom Alexander
Date: Thu, 27 Oct 2022 01:34:06 -0400
Subject: [PATCH] Make pinentry program a templated variable.
---
 ansible/roles/gpg/files/gpg-agent.conf | 7 -------
 ansible/roles/gpg/tasks/peruser.yaml | 13 +++++++++++--
 ansible/roles/gpg/templates/gpg-agent.conf.j2 | 11 +++++++++++
 3 files changed, 22 insertions(+), 9 deletions(-)
 delete mode 100644 ansible/roles/gpg/files/gpg-agent.conf
 create mode 100644 ansible/roles/gpg/templates/gpg-agent.conf.j2
diff --git a/ansible/roles/gpg/files/gpg-agent.conf b/ansible/roles/gpg/files/gpg-agent.conf
deleted file mode 100644
index f33e696..0000000
--- a/ansible/roles/gpg/files/gpg-agent.conf
+++ /dev/null
@@ -1,7 +0,0 @@
-enable-ssh-support
-write-env-file
-use-standard-socket
-default-cache-ttl 600
-max-cache-ttl 7200
-display :0
-pinentry-program pinentry-qt5
diff --git a/ansible/roles/gpg/tasks/peruser.yaml b/ansible/roles/gpg/tasks/peruser.yaml
index 3855611..eb738e5 100644
--- a/ansible/roles/gpg/tasks/peruser.yaml
+++ b/ansible/roles/gpg/tasks/peruser.yaml
@@ -19,11 +19,20 @@
 loop:
 - src: gpg.conf
 dest: .gnupg/gpg.conf
- - src: gpg-agent.conf
- dest: .gnupg/gpg-agent.conf
 - src: scdaemon.conf
 dest: .gnupg/scdaemon.conf

+- name: Copy templates
+ template:
+ src: "templates/{{ item.src }}.j2"
+ dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
+ mode: 0600
+ owner: "{{ account_name.stdout }}"
+ group: "{{ group_name.stdout }}"
+ loop:
+ - src: gpg-agent.conf
+ dest: .gnupg/gpg-agent.conf
+
 - name: Check trusted gpg keys
 command: gpg --list-public-keys --keyid-format LONG
 register: gpgkeys
diff --git a/ansible/roles/gpg/templates/gpg-agent.conf.j2 b/ansible/roles/gpg/templates/gpg-agent.conf.j2
new file mode 100644
index 0000000..2c1159e
--- /dev/null
+++ b/ansible/roles/gpg/templates/gpg-agent.conf.j2
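Review bot: `mode: 0600` in the new `Copy templates` task of peruser.yaml is an unquoted octal literal, so the resulting permission depends on the YAML loader reading a leading-zero number as octal; Ansible's documentation recommends passing file modes as strings. I would write `mode: "0600"` so the per-user gpg-agent.conf is reliably owner-only. The task also has no `notify` or reload step visible in this hunk, so an already running gpg-agent would presumably keep its previous pinentry setting until it is restarted (for example with `gpgconf --kill gpg-agent`). The tasks before and after this one continue outside the hunk, so both points may already be handled elsewhere in the file.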
@@ -0,0 +1,11 @@
+enable-ssh-support
+write-env-file
+use-standard-socket
+default-cache-ttl 600
+max-cache-ttl 7200
+display :0
+{% if os_flavor == "linux" %}
+pinentry-program /usr/bin/pinentry-qt5
+{% elif os_flavor == "freebsd" %}
+pinentry-program /usr/local/bin/pinentry-qt5
+{% endif %}
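Review bot: The `{% if os_flavor == "linux" %}` / `{% elif os_flavor == "freebsd" %}` chain has no `{% else %}`, so for any other `os_flavor` value the rendered gpg-agent.conf contains no `pinentry-program` line and gpg-agent falls back to its built-in default without the play reporting anything. Because pinentry is the program that collects passphrases and PINs, I would make that case explicit, either with an `{% else %}` branch or by failing early with an `assert` task on `os_flavor` before the template is rendered. Separately, `write-env-file` and `use-standard-socket`, carried over from the deleted file, appear to be obsolete no-ops since GnuPG 2.1 and could be dropped if no older agent is targeted.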