41 lines
1.0 KiB
YAML
41 lines
1.0 KiB
YAML
---
|
|
|
|
- name: Ensure gnupg is installed (RedHat*)
|
|
package:
|
|
name: gnupg2
|
|
state: latest
|
|
become: true
|
|
when: ansible_os_family == "RedHat"
|
|
|
|
- name: Ensure gnupg is installed (Arch)
|
|
package:
|
|
name: gnupg
|
|
state: latest
|
|
become: true
|
|
when: ansible_os_family == "Archlinux"
|
|
|
|
- name: Ensure gpg.conf is templated
|
|
template:
|
|
src: gpg.conf.j2
|
|
dest: "{{ gpg_config_file }}"
|
|
|
|
- name: Configure gpg-agent.conf (agent configuration)
|
|
template:
|
|
src: gpg-agent.conf.j2
|
|
dest: "{{ gpg_agent_config_file }}"
|
|
|
|
# attempt to bootstrap the supplied keys here, so the keygrip can be retrieved
|
|
|
|
- name: Configure sshcontrol (in order for gpg-agent to act as ssh-agent)
|
|
template:
|
|
src: sshcontrol.j2
|
|
dest: "{{ gpg_agent_sshcontrol_file }}"
|
|
when: gpg_agent_config_enable_ssh_support
|
|
|
|
- name: Copy gnupg_agent script, which makes gpg-agent responsible for ssh-auth
|
|
file:
|
|
src: gpg-configure-ssh-auth-socket.sh
|
|
dest: "{{ gpg_configure_agent_script }}"
|
|
mode: 0700
|
|
when: gpg_agent_config_enable_ssh_support
|