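# Run the per_user role before anything else in this file.
# NOTE(review): the tasks below read account_homedir.stdout,
# account_name.stdout and group_name.stdout; presumably this role registers
# them -- confirm in the role itself.
- name: Include per_user role
  include_role:
    name: per_user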

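# Create the account's GnuPG home directory. It is restricted to the owner
# (0700) because gpg warns about unsafe permissions when others can access it.
- name: Create gpg config directory
  file:
    # "path" is the canonical parameter; "name" is only an alias for it.
    path: "{{ account_homedir.stdout }}/.gnupg"
    state: directory
    # Quoted so the mode is passed as a string and never depends on how the
    # YAML parser treats a leading-zero integer.
    mode: "0700"
    owner: "{{ account_name.stdout }}"
    group: "{{ group_name.stdout }}"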

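# Install the static gpg and scdaemon configuration files into the account's
# .gnupg directory, readable and writable by the owner only.
- name: Copy files
  copy:
    src: "files/{{ item.src }}"
    dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
    # Quoted so the mode is passed as a string and never depends on how the
    # YAML parser treats a leading-zero integer.
    mode: "0600"
    owner: "{{ account_name.stdout }}"
    group: "{{ group_name.stdout }}"
  # Each item maps a file under files/ to its path relative to the home dir.
  loop:
    - src: gpg.conf
      dest: .gnupg/gpg.conf
    - src: scdaemon.conf
      dest: .gnupg/scdaemon.conf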

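# Render the templated gpg-agent configuration into the account's .gnupg
# directory, readable and writable by the owner only.
- name: Copy templates
  template:
    # The ".j2" suffix is appended here, so loop items carry the bare name.
    src: "templates/{{ item.src }}.j2"
    dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
    # Quoted so the mode is passed as a string and never depends on how the
    # YAML parser treats a leading-zero integer.
    mode: "0600"
    owner: "{{ account_name.stdout }}"
    group: "{{ group_name.stdout }}"
  loop:
    - src: gpg-agent.conf
      dest: .gnupg/gpg-agent.conf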

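# Read-only listing of the public keyring with long (64-bit) key IDs; the
# output is registered as gpgkeys for the import task's "when" condition.
# NOTE(review): the task name says "trusted", but --list-public-keys prints
# every public key in the keyring; it does not filter on ownertrust.
# NOTE(review): this task sets neither become_user nor --homedir, so it reads
# the keyring of whichever user the play runs as -- confirm that this is the
# same account whose .gnupg directory is configured above.
- name: Check trusted gpg keys
  command: gpg --list-public-keys --keyid-format LONG
  register: gpgkeys
  # Listing keys never modifies the host.
  changed_when: false
  # Run even under --check so that gpgkeys is defined for later conditions.
  check_mode: false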

# Pipe the bundled gpg.asc public key into "gpg --import" on stdin, unless the
# expected long key ID already shows up in the registered key listing.
# NOTE(review): the substring match on a 64-bit long key ID is an idempotency
# guard only; it does not establish which key is actually in the keyring.
# Comparing the full fingerprint would be a stricter check. The authenticity
# of the imported key rests on the integrity of gpg.asc in this repository.
- name: Import public key for yubikey
  command: gpg --import
  args:
    # The file lookup is resolved on the controller, not on the managed host.
    stdin: "{{ lookup('file', 'gpg.asc') }}"
  when: "'cv25519/B0B50C7FDDE009E5' not in gpgkeys.stdout"

# Platform-specific per-user tasks. import_tasks is static, so each "when"
# below is applied to every task inside the imported file.
# NOTE(review): os_flavor is not set in this file; presumably it is defined
# by the play or inventory -- confirm.
- import_tasks: tasks/peruser_freebsd.yaml
  when: os_flavor == "freebsd"

- import_tasks: tasks/peruser_linux.yaml
  when: os_flavor == "linux"