---
+- name: Config dirs
+ file:
+ state: directory
+ path: "$XDG_CONFIG_HOME/{{ item }}"
+ mode: 0700
+ loop:
+ - gnupg
- name: Config files
copy:
- src: "gnupg/{{ gnupg_config_item }}"
- dest: "$XDG_CONFIG_HOME/gnupg/{{ gnupg_config_item }}"
+ src: "gnupg/{{ item }}"
+ dest: "$XDG_CONFIG_HOME/gnupg/{{ item }}"
loop:
- gpg-agent.conf
- - gpg.conf
- loop_control:
- loop_var: gnupg_config_item
-- name: Protect directory
- file:
- path: $XDG_CONFIG_HOME/gnupg
- state: directory
- mode: 0700
+- name: gpg config file
+ template:
+ src: "gpg.conf.j2"
+ dest: "$XDG_CONFIG_HOME/gnupg/gpg.conf"
- name: Get gnupg runtime folder name
shell: 'gpgconf --list-dirs socketdir | sed -e "s@$XDG_RUNTIME_DIR/gnupg/@@"'
register: gnupg_runtime_dir_cmd
changed_when: false
check_mode: no
- name: check existing secret key
+ tags: ["no_bootstrap"]
shell: "gpg --list-secret-keys | grep '{{ gpg_useremail }}'"
changed_when: false
ignore_errors: true
register: gpgkeys
check_mode: no
- name: Ask for gpg password
- when: gpgkeys.stdout == ""
+ when: gpgkeys is defined and gpgkeys.stdout == ""
block:
- name: Ask for gpg password
pause:
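Review bot: The added `gpg config file` template task and the changed `Config files` copy task set no `mode:`, so `gpg.conf` and `gpg-agent.conf` get whatever the umask yields; only the directory is pinned to 0700. Adding `mode: "0600"` to both tasks makes the file permissions explicit and keeps the files private even if the directory mode is loosened later. In `Config dirs`, `mode: 0700` is better written as `mode: "0700"`, so the value does not depend on how the YAML parser reads a leading-zero integer. The `Ask for gpg password` block at the end of this hunk continues outside it.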
assert:
that: gpg_password_confirm.user_input == gpg_password.user_input
- name: Generate gpg key
- when: gpgkeys.stdout == ""
+ when: gpgkeys is defined and gpgkeys.stdout == ""
block:
- name: Copy default template for gpg key generation
template:
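Review bot: The guard on `Generate gpg key`, `gpgkeys is defined and gpgkeys.stdout == ""`, still cannot tell "no secret key for this address" from "the check itself failed". The registering task in the earlier hunk pipes gpg into grep with `ignore_errors: true`, so a gpg error also leaves stdout empty and key generation would proceed. The same guard is used on `Ask for gpg password` and `get keygrip`. Consider running gpg on its own in the check, without `ignore_errors`, and using `when: gpgkeys is defined and gpg_useremail not in gpgkeys.stdout` in the three guards. The `Generate gpg key` block body extends outside this hunk.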
- name: get keygrip
shell: "gpg -K --with-colons {{ gpg_useremail }} | grep '^grp' | cut -d':' -f10"
register: keygrip
- when: gpgkeys.stdout == ""
+ when: gpgkeys is defined and gpgkeys.stdout == ""
notify:
- notify add key to immae@immae.eu
- send key to immae@immae.eu
- meta: flush_handlers
- name: Override the gpg socket directory
block:
+ - name: Add systemd overrides directory
+ file:
+ path: "$XDG_CONFIG_HOME/systemd/user/{{ item }}.socket.d"
+ state: directory
+ loop:
+ - dirmngr
+ - gpg-agent
+ - gpg-agent-browser
+ - gpg-agent-extra
+ - gpg-agent-ssh
- name: Add systemd overrides
template:
- src: "systemd/{{ systemd_item }}.conf.j2"
- dest: "$XDG_CONFIG_HOME/systemd/user/{{ systemd_item }}.socket.d/override.conf"
+ src: "systemd/{{ item }}.conf.j2"
+ dest: "$XDG_CONFIG_HOME/systemd/user/{{ item }}.socket.d/override.conf"
register: results
loop:
- dirmngr
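Review bot: `Add systemd overrides directory` creates the `.socket.d` drop-in directories without a `mode:`, so their permissions follow the umask, unlike the gnupg directory, which is pinned to 0700. Judging by the block name, these drop-ins presumably control where the gpg-agent sockets are placed, so an explicit `mode: "0700"` on the directories and `mode: "0600"` on the `Add systemd overrides` template is worth adding. The unit list is now written out twice, once for the directories and once for the templates; a single variable used by both `loop:` entries would keep the two from drifting apart. The enclosing `Override the gpg socket directory` block continues past the lines shown here.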
- gpg-agent-browser
- gpg-agent-extra
- gpg-agent-ssh
- loop_control:
- loop_var: systemd_item
- name: Restart systemd units
systemd:
daemon_reload: true
scope: user
state: restarted
- name: "{{ restart_systemd_item }}.socket"
+ name: "{{ item }}.socket"
loop: "{{ results.results|selectattr('changed')|map(attribute='item')|list }}"
- loop_control:
- loop_var: restart_systemd_item
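Review bot: With `loop_control.loop_var` removed, `Restart systemd units` and the other loops in this file now use the default `item`. If this tasks file is ever included from a task that itself loops, the inner `item` shadows the outer one and Ansible reports a loop-variable collision. Keeping an explicit name, for example `loop_var: gnupg_unit` (a constructed name), avoids that. If the file is never included from a loop, a short comment saying so would record why the default is safe here.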