summaryrefslogtreecommitdiff
path: root/roles/gnupg
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@fretlink.com>2018-11-21 01:54:14 +0100
committerIsmaël Bouya <ismael.bouya@fretlink.com>2018-11-21 02:17:57 +0100
commit39749dd76fb02744f26c68054a9955cbe3e26849 (patch)
treee235402070f5fa99735732a0defb33be104023b6 /roles/gnupg
parentdf352b462703d68c9cfd2fa5ad85514ce0bd71fa (diff)
downloadAnsible-39749dd76fb02744f26c68054a9955cbe3e26849.tar.gz
Ansible-39749dd76fb02744f26c68054a9955cbe3e26849.tar.zst
Ansible-39749dd76fb02744f26c68054a9955cbe3e26849.zip
Add a tag to prevent gpg-related actions during the home bootstrap
Diffstat (limited to 'roles/gnupg')
-rw-r--r--roles/gnupg/tasks/main.yml7
1 files changed, 4 insertions, 3 deletions
diff --git a/roles/gnupg/tasks/main.yml b/roles/gnupg/tasks/main.yml
index 954c029..84957cf 100644
--- a/roles/gnupg/tasks/main.yml
+++ b/roles/gnupg/tasks/main.yml
@@ -22,13 +22,14 @@
22 changed_when: false 22 changed_when: false
23 check_mode: no 23 check_mode: no
24- name: check existing secret key 24- name: check existing secret key
25 tags: ["no_bootstrap"]
25 shell: "gpg --list-secret-keys | grep '{{ gpg_useremail }}'" 26 shell: "gpg --list-secret-keys | grep '{{ gpg_useremail }}'"
26 changed_when: false 27 changed_when: false
27 ignore_errors: true 28 ignore_errors: true
28 register: gpgkeys 29 register: gpgkeys
29 check_mode: no 30 check_mode: no
30- name: Ask for gpg password 31- name: Ask for gpg password
31 when: gpgkeys.stdout == "" 32 when: gpgkeys is defined and gpgkeys.stdout == ""
32 block: 33 block:
33 - name: Ask for gpg password 34 - name: Ask for gpg password
34 pause: 35 pause:
@@ -44,7 +45,7 @@
44 assert: 45 assert:
45 that: gpg_password_confirm.user_input == gpg_password.user_input 46 that: gpg_password_confirm.user_input == gpg_password.user_input
46- name: Generate gpg key 47- name: Generate gpg key
47 when: gpgkeys.stdout == "" 48 when: gpgkeys is defined and gpgkeys.stdout == ""
48 block: 49 block:
49 - name: Copy default template for gpg key generation 50 - name: Copy default template for gpg key generation
50 template: 51 template:
@@ -63,7 +64,7 @@
63- name: get keygrip 64- name: get keygrip
64 shell: "gpg -K --with-colons {{ gpg_useremail }} | grep '^grp' | cut -d':' -f10" 65 shell: "gpg -K --with-colons {{ gpg_useremail }} | grep '^grp' | cut -d':' -f10"
65 register: keygrip 66 register: keygrip
66 when: gpgkeys.stdout == "" 67 when: gpgkeys is defined and gpgkeys.stdout == ""
67 notify: 68 notify:
68 - notify add key to immae@immae.eu 69 - notify add key to immae@immae.eu
69 - send key to immae@immae.eu 70 - send key to immae@immae.eu