# Run the per_user role before the GnuPG setup tasks in this file.
# NOTE(review): later tasks read account_homedir, account_name and group_name
# (each via .stdout); presumably this role registers them - confirm.
- include_role:
    name: per_user
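# Create the account's GnuPG home. It holds the keyring and agent state, so
# access is limited to the owning account (0700).
- name: Create gpg config directory
  file:
    # `path` is the module's primary parameter; `name` is only an alias.
    path: "{{ account_homedir.stdout }}/.gnupg"
    state: directory
    # Quoted so the mode is passed as an octal string and does not depend on
    # how the YAML parser types a bare 0700.
    mode: "0700"
    owner: "{{ account_name.stdout }}"
    group: "{{ group_name.stdout }}"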
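# Install the static GnuPG configuration files into the account's ~/.gnupg.
# Each file is readable and writable by the owning account only (0600).
- name: Copy files
  copy:
    src: "files/{{ item.src }}"
    dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
    # Quoted so the mode is passed as an octal string and does not depend on
    # how the YAML parser types a bare 0600.
    mode: "0600"
    owner: "{{ account_name.stdout }}"
    group: "{{ group_name.stdout }}"
  loop:
    - src: gpg.conf
      dest: .gnupg/gpg.conf
    - src: scdaemon.conf
      dest: .gnupg/scdaemon.conf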
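# Render the templated GnuPG configuration into the account's ~/.gnupg.
# The result is readable and writable by the owning account only (0600).
- name: Copy templates
  template:
    # The ".j2" suffix is appended here, so loop items name the target file.
    src: "templates/{{ item.src }}.j2"
    dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
    # Quoted so the mode is passed as an octal string and does not depend on
    # how the YAML parser types a bare 0600.
    mode: "0600"
    owner: "{{ account_name.stdout }}"
    group: "{{ group_name.stdout }}"
  loop:
    - src: gpg-agent.conf
      dest: .gnupg/gpg-agent.conf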
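# List the public keyring with long key IDs; the registered output is what
# the key-import task's `when` condition inspects.
# NOTE(review): no become/become_user is set on this task, so gpg reads the
# keyring of whichever user the play runs as - confirm that this is the
# account whose ~/.gnupg is configured by the earlier tasks.
- name: Check trusted gpg keys
  command: gpg --list-public-keys --keyid-format LONG
  register: gpgkeys
  # A listing never modifies the host, so never report "changed".
  changed_when: false
  # Run even under --check so gpgkeys is defined for later conditions.
  # Canonical boolean instead of the YAML 1.1 truthy word `no`.
  check_mode: false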
# Import the YubiKey public key unless the keyring listing already shows it.
# NOTE(review): the guard is a substring match on a 64-bit long key ID in
# human-readable gpg output, and that ID is fixed while the key file can be
# overridden through pgp_key. Nothing here checks that the imported file
# holds the key with that ID. Consider pinning the full fingerprint
# (<FULL_FINGERPRINT_PLACEHOLDER>) and comparing it against
# `gpg --with-colons` output before and after the import.
# NOTE(review): no become/become_user is set, so the key lands in the
# keyring of whichever user the play runs as - confirm this is intended.
- name: Import public key for yubikey
  command: gpg --import
  args:
    # The lookup reads the key file on the controller; its content is fed to
    # gpg on stdin, so no key file is written to the managed host.
    stdin: "{{ lookup('file', pgp_key|default('gpg.asc')) }}"
  when: '"cv25519/B0B50C7FDDE009E5" not in gpgkeys.stdout'
# FreeBSD-only per-user tasks. import_tasks is static, so the condition is
# attached to every task in the imported file.
- import_tasks: tasks/peruser_freebsd.yaml
  when: os_flavor == "freebsd"
# Linux-only per-user tasks. import_tasks is static, so the condition is
# attached to every task in the imported file.
- import_tasks: tasks/peruser_linux.yaml
  when: os_flavor == "linux"