---
-- name: Config files
- synchronize:
- recursive: yes
- archive: no
- checksum: yes
- src: gnupg
- dest: /$XDG_CONFIG_HOME/
-- name: Protect directory
+- name: Config dirs
file:
- path: $XDG_CONFIG_HOME/gnupg
state: directory
+ path: "$XDG_CONFIG_HOME/{{ item }}"
mode: 0700
+ loop:
+ - gnupg
+- name: Config files
+ copy:
+ src: "gnupg/{{ item }}"
+ dest: "$XDG_CONFIG_HOME/gnupg/{{ item }}"
+ loop:
+ - gpg-agent.conf
+ - gpg.conf
- name: Get gnupg runtime folder name
shell: 'gpgconf --list-dirs socketdir | sed -e "s@$XDG_RUNTIME_DIR/gnupg/@@"'
register: gnupg_runtime_dir_cmd
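Review bot: The new `Config files` copy task sets no `mode`, so `gpg.conf` and `gpg-agent.conf` are created with whatever the remote umask gives. Only the 0700 on the parent directory from `Config dirs` keeps them private. Adding `mode: "0600"` under `copy:` would make the file permissions explicit and independent of the umask. Separately, `path` and `dest` rely on `$XDG_CONFIG_HOME` being set in the environment the module runs in; if it is unset, the path is presumably left unexpanded, so a guard or explicit fallback may be worth adding (the play's environment is not visible here).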
- notify add key to immae@immae.eu
- send key to immae@immae.eu
- notify add key to password store
+- meta: flush_handlers
- name: add keygrip to sshcontrol
lineinfile:
line: "{{ keygrip.stdout }}"
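Review bot: The added `meta: flush_handlers` carries no comment saying why the flush is needed here, and the same applies to the second one added before `Override the gpg socket directory`. A flush runs every handler pending at that point, which by the notify list above includes `send key to immae@immae.eu`, so the placement decides when key material leaves the host. The `when: keygrip is defined` guard on the next task suggests `keygrip` is registered by one of those handlers, though the handlers are not shown here. If so, a comment such as `# run the key handlers now: the next task reads the keygrip they register` above the meta task would record the dependency.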
when: keygrip is defined and "stdout" in keygrip and keygrip.stdout != ""
notify:
- restart gpg-agent
+- meta: flush_handlers
- name: Override the gpg socket directory
block:
- name: Add systemd overrides
state: restarted
name: "{{ item }}.socket"
loop: "{{ results.results|selectattr('changed')|map(attribute='item')|list }}"
-- name: clone password store
- register: clone_password_store
- shell: "cd $(dirname $ANSIBLE_CONFIG ); git submodule update --init password_store"
- changed_when: clone_password_store is defined and "stdout" in clone_password_store and clone_password_store.stdout != ""