feat(gnupg): configure scdaemon.conf

transcaffeine 2022-08-22 17:04:36 +02:00
parent 682307c35d
commit 1e0f4a0dbf
Signed by: transcaffeine
GPG Key ID: 03624C433676E465
3 changed files with 22 additions and 1 deletions


@ -3,6 +3,7 @@
gpg_config_folder: ~/.gnupg gpg_config_folder: ~/.gnupg
gpg_config_file: "{{ gpg_config_folder }}/gpg.conf" gpg_config_file: "{{ gpg_config_folder }}/gpg.conf"
gpg_agent_config_file: "{{ gpg_config_folder }}/gpg-agent.conf" gpg_agent_config_file: "{{ gpg_config_folder }}/gpg-agent.conf"
gpg_scdaemon_config_file: "{{ gpg_config_folder }}/scdaemon.conf"
gpg_agent_sshcontrol_file: "{{ gpg_config_folder }}/sshcontrol" gpg_agent_sshcontrol_file: "{{ gpg_config_folder }}/sshcontrol"
gpg_configure_agent_script: "{{ gpg_config_folder }}/gpg-configure-as-ssh-agent.sh" gpg_configure_agent_script: "{{ gpg_config_folder }}/gpg-configure-as-ssh-agent.sh"
@ -24,3 +25,8 @@ gpg_agent_config_cache_ttl_ssh: 300
gpg_agent_config_enable_ssh_support: false gpg_agent_config_enable_ssh_support: false
gpg_agent_config_ignore_cache_for_signing: true gpg_agent_config_ignore_cache_for_signing: true
gpg_agent_config_allow_external_cache: false gpg_agent_config_allow_external_cache: false
gpg_scdaemon_config_driver: ~
gpg_scdaemon_config_card_timeout: ~
gpg_scdaemon_config_disable_ccid: false
gpg_scdaemon_config_pcsc_shared: true
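Review bot: Defaulting `gpg_scdaemon_config_pcsc_shared` to `true` turns on scdaemon's `pcsc-shared` option for every host that applies the role, and the GnuPG manual calls that option somewhat dangerous because scdaemon assumes exclusive access to the card and caches information from it. I would ship `gpg_scdaemon_config_pcsc_shared: false` and let users opt in, with a comment above it such as `# shared PC/SC access lets other processes use the card while scdaemon holds cached card state; enable only when needed`. The option is probably only understood by newer scdaemon releases, so it is worth confirming that the role's supported GnuPG versions accept it. As a smaller style point, the two `~` defaults would read more clearly as `null`.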


@ -30,7 +30,10 @@
src: gpg-agent.conf.j2 src: gpg-agent.conf.j2
dest: "{{ gpg_agent_config_file }}" dest: "{{ gpg_agent_config_file }}"
# attempt to bootstrap the supplied keys here, so the keygrip can be retrieved - name: Configure scdaemon.conf (smartcard daemon)
template:
src: scdaemon.conf.j2
dest: "{{ gpg_scdaemon_config_file }}"
- name: Configure sshcontrol (in order for gpg-agent to act as ssh-agent) - name: Configure sshcontrol (in order for gpg-agent to act as ssh-agent)
template: template:
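Review bot: The new `Configure scdaemon.conf (smartcard daemon)` task sets no `mode:`, so the permissions of the rendered file depend on the umask of whoever runs the play; adding `mode: "0600"` under `template:` keeps it as private as the rest of `~/.gnupg`. A running scdaemon will likely keep its old settings until it is restarted, so the task could notify a handler that runs `gpgconf --kill scdaemon`. Whether the role already has such a handler, or sets modes on the neighbouring template tasks, is not visible in this hunk. The hunk ends inside the following sshcontrol task.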


@ -0,0 +1,12 @@
{% if gpg_scdaemon_config_disable_ccid | default(false) %}
disable-ccid
{% endif %}
{% if gpg_scdaemon_config_card_timeout | default(false) %}
card-timeout {{ gpg_scdaemon_config_card_timeout }}
{% endif %}
{% if gpg_scdaemon_config_driver | default(false) %}
pcsc-driver {{ gpg_scdaemon_config_driver }}
{% endif %}
{% if gpg_scdaemon_config_pcsc_shared | default(true) %}
pcsc-shared
{% endif %}
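Review bot: `gpg_scdaemon_config_driver` and `gpg_scdaemon_config_card_timeout` are written into scdaemon.conf verbatim, and the `pcsc-driver` value names the library scdaemon uses to reach the reader, so a mistyped or multi-line inventory value silently becomes extra configuration. Rendering the timeout as `card-timeout {{ gpg_scdaemon_config_card_timeout | int }}` pins it to a number. For the driver, an `assert` task before the template could check that the value is a single absolute path. The variable's default would also benefit from a comment like `# absolute path to the PC/SC library scdaemon should load; null keeps the built-in default`. A first line of `# {{ ansible_managed }}` would additionally mark the file as generated.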