machine_setup/ansible/roles/gpg/tasks/peruser_linux.yaml
2022-10-16 00:32:44 -04:00


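# Start and enable the per-user gpg-agent socket units so the agent is
# socket-activated. gpg-agent-ssh.socket is the unit for the agent's
# SSH-agent socket.
- name: Enable the gpg user agent
  systemd:
    name: "{{ item }}"
    state: started
    # Canonical YAML booleans instead of yes/no, which parsers type differently.
    enabled: true
    daemon_reload: true
    # scope: user addresses the systemd user manager rather than the system
    # one. NOTE(review): presumably this task runs as the account whose agent
    # is being configured - confirm against the calling play.
    scope: user
  loop:
    - gpg-agent.socket
    - gpg-agent-ssh.socket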
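# Create the account's GnuPG home directory, accessible to its owner only.
- name: Create gpg config directory
  file:
    # `path` is the documented parameter; `name` is only an alias for it.
    path: "{{ account_homedir.stdout }}/.gnupg"
    state: directory
    # Quoted so the mode reaches the module as the string "0700" and is never
    # retyped by the YAML loader. Owner-only access keeps other local users
    # out of the keyring and agent sockets.
    mode: "0700"
    owner: "{{ account_name.stdout }}"
    group: "{{ group_name.stdout }}"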
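# Install the gpg, gpg-agent and scdaemon configuration files from the role
# into the account's ~/.gnupg directory.
- name: Configure gpg
  copy:
    src: "files/{{ item.src }}"
    dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
    # Quoted so the mode is passed as the string "0600" rather than relying on
    # the loader's octal handling; the files are readable by the owner only.
    mode: "0600"
    owner: "{{ account_name.stdout }}"
    group: "{{ group_name.stdout }}"
  loop:
    - src: gpg.conf
      dest: .gnupg/gpg.conf
    - src: gpg-agent.conf
      dest: .gnupg/gpg-agent.conf
    - src: scdaemon.conf
      dest: .gnupg/scdaemon.conf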
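# List the public keys in the keyring with 64-bit (LONG) key IDs and keep the
# output in `gpgkeys` for the import task's `when` condition.
# The listing shows which keys are present, not what trust they carry.
# NOTE(review): a long key ID is a weaker identifier than the full
# fingerprint; comparing fingerprints (for example from `--with-colons`
# output) would be the stricter presence check.
- name: Check trusted gpg keys
  command: gpg --list-public-keys --keyid-format LONG
  register: gpgkeys
  # Read-only query: never report a change.
  changed_when: false
  # Run even under --check so gpgkeys.stdout is populated for the condition
  # that consumes it. Canonical boolean instead of `no`.
  check_mode: false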
# Import the role's gpg.asc public key, but only when the expected key ID is
# missing from the listing registered as `gpgkeys`.
# NOTE(review): the guard is a substring match on a 64-bit key ID and nothing
# checks the imported key afterwards; verifying its full fingerprint against a
# pinned value (<EXPECTED_FINGERPRINT>) after the import would confirm that
# gpg.asc holds the intended key.
- name: Import public key for yubikey
  when: '"cv25519/B0B50C7FDDE009E5" not in gpgkeys.stdout'
  command: gpg --import
  args:
    # The file lookup reads gpg.asc on the controller and the armored key is
    # passed to gpg on stdin, so nothing is staged on the target first.
    stdin: "{{ lookup('file', 'gpg.asc') }}"