diff --git a/roles/gnupg/defaults/main.yml b/roles/gnupg/defaults/main.yml index 948ed2b..55b7278 100644 --- a/roles/gnupg/defaults/main.yml +++ b/roles/gnupg/defaults/main.yml @@ -3,6 +3,7 @@ gpg_config_folder: ~/.gnupg gpg_config_file: "{{ gpg_config_folder }}/gpg.conf" gpg_agent_config_file: "{{ gpg_config_folder }}/gpg-agent.conf" +gpg_scdaemon_config_file: "{{ gpg_config_folder }}/scdaemon.conf" gpg_agent_sshcontrol_file: "{{ gpg_config_folder }}/sshcontrol" gpg_configure_agent_script: "{{ gpg_config_folder }}/gpg-configure-as-ssh-agent.sh" @@ -24,3 +25,8 @@ gpg_agent_config_cache_ttl_ssh: 300 gpg_agent_config_enable_ssh_support: false gpg_agent_config_ignore_cache_for_signing: true gpg_agent_config_allow_external_cache: false + +gpg_scdaemon_config_driver: ~ +gpg_scdaemon_config_card_timeout: ~ +gpg_scdaemon_config_disable_ccid: false +gpg_scdaemon_config_pcsc_shared: true diff --git a/roles/gnupg/tasks/main.yml b/roles/gnupg/tasks/main.yml index 2e5b62e..0da58cd 100644 --- a/roles/gnupg/tasks/main.yml +++ b/roles/gnupg/tasks/main.yml @@ -30,7 +30,10 @@ src: gpg-agent.conf.j2 dest: "{{ gpg_agent_config_file }}" -# attempt to bootstrap the supplied keys here, so the keygrip can be retrieved +- name: Configure scdaemon.conf (smartcard daemon) + template: + src: scdaemon.conf.j2 + dest: "{{ gpg_scdaemon_config_file }}" - name: Configure sshcontrol (in order for gpg-agent to act as ssh-agent) template: diff --git a/roles/gnupg/templates/scdaemon.conf.j2 b/roles/gnupg/templates/scdaemon.conf.j2 new file mode 100644 index 0000000..0147380 --- /dev/null +++ b/roles/gnupg/templates/scdaemon.conf.j2 
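Review bot: `gpg_scdaemon_config_pcsc_shared: true` in the second defaults hunk makes shared PC/SC access the role-wide default, and the `| default(true)` fallback in scdaemon.conf.j2 does the same when the variable is unset. The GnuPG manual describes `pcsc-shared` as a somewhat dangerous option because scdaemon assumes exclusive access to the card and caches card state; in shared mode other PC/SC clients on the host can also use the card while scdaemon holds it. I would ship `gpg_scdaemon_config_pcsc_shared: false` with `default(false)` in the template, so that a host opts in explicitly. An scdaemon build that predates the option would probably reject the config file, so a comment above the variable naming the minimum GnuPG version would help; the targeted versions are not visible here.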
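Review bot: The new `Configure scdaemon.conf (smartcard daemon)` task sets no `mode`, so the permissions of the rendered file depend on the umask in effect during the run. This file can carry `pcsc-driver`, which selects the library scdaemon loads, so it is worth pinning it to the owner by adding `mode: "0600"` under `dest:`. The gpg-agent.conf task at the top of the hunk starts outside it, so I cannot tell whether it sets a mode; if it does not, the same applies there. The removed comment about bootstrapping the supplied keys has no replacement, so if that ordering requirement still holds, keep it above the sshcontrol task.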
@@ -0,0 +1,12 @@
+{% if gpg_scdaemon_config_disable_ccid | default(false) %}
+disable-ccid
+{% endif %}
+{% if gpg_scdaemon_config_card_timeout | default(false) %}
+card-timeout {{ gpg_scdaemon_config_card_timeout }}
+{% endif %}
+{% if gpg_scdaemon_config_driver | default(false) %}
+pcsc-driver {{ gpg_scdaemon_config_driver }}
+{% endif %}
+{% if gpg_scdaemon_config_pcsc_shared | default(true) %}
+pcsc-shared
+{% endif %}
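Review bot: `gpg_scdaemon_config_driver` and `gpg_scdaemon_config_card_timeout` are written into scdaemon.conf verbatim, so a value containing a line break would add further option lines to the file. Since `pcsc-driver` names the shared library that scdaemon loads, the role should check the driver value before rendering, for example with an `assert` task requiring an absolute path with no whitespace. The timeout can be coerced in place with `card-timeout {{ gpg_scdaemon_config_card_timeout | int }}`. The template also lacks a generated-file header; a first line `{{ ansible_managed | comment }}` would tell anyone editing the file by hand that the role overwrites it.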