46 lines
1.1 KiB
YAML
46 lines
1.1 KiB
YAML
- name: Enable the gpg user agent
|
|
systemd:
|
|
name: "{{ item }}"
|
|
state: started
|
|
enabled: yes
|
|
daemon_reload: yes
|
|
scope: user
|
|
loop:
|
|
- gpg-agent.socket
|
|
- gpg-agent-ssh.socket
|
|
|
|
- name: Create gpg config directory
|
|
file:
|
|
name: "{{ account_homedir.stdout }}/.gnupg"
|
|
state: directory
|
|
mode: 0700
|
|
owner: "{{ account_name.stdout }}"
|
|
group: "{{ group_name.stdout }}"
|
|
|
|
- name: Configure gpg
|
|
copy:
|
|
src: "files/{{ item.src }}"
|
|
dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
|
|
mode: 0600
|
|
owner: "{{ account_name.stdout }}"
|
|
group: "{{ group_name.stdout }}"
|
|
loop:
|
|
- src: gpg.conf
|
|
dest: .gnupg/gpg.conf
|
|
- src: gpg-agent.conf
|
|
dest: .gnupg/gpg-agent.conf
|
|
- src: scdaemon.conf
|
|
dest: .gnupg/scdaemon.conf
|
|
|
|
- name: Check trusted gpg keys
|
|
command: gpg --list-public-keys --keyid-format LONG
|
|
register: gpgkeys
|
|
changed_when: false
|
|
check_mode: no
|
|
|
|
- name: Import public key for yubikey
|
|
command: gpg --import
|
|
when: '"cv25519/B0B50C7FDDE009E5" not in gpgkeys.stdout'
|
|
args:
|
|
stdin: "{{ lookup('file', 'gpg.asc') }}"
|