glenux-provisioning/ansible-role--duplicity
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ansible-role--duplicity/tasks/config_gnupg.yml
Glenn d9a2a80b5f Initial import
2024-07-12 14:36:06 +02:00

49 lines
1.2 KiB
YAML
Raw Blame History

---
##
## Config: GPG Part
##
- name: Create GPG directory
file:
path: /root/.gnupg
state: directory
mode: '0700'
- name: Send GPG passphrase
copy:
src: "{{duplicity_gpg_passphrase}}"
dest: /etc/glenux.duplicity/gnupg_backup.passphrase
mode: "0600"
- name: Send GPG secret key
copy:
src: "{{duplicity_gpg_key}}"
dest: /etc/glenux.duplicity/gnupg_backup.key
mode: "0600"
- name: Send GPG public key
copy:
src: "{{duplicity_gpg_pubkey}}"
dest: /etc/glenux.duplicity/gnupg_backup.pubkey
mode: "0600"
- name: Import GPG key
command: "gpg --batch
--passphrase-file /etc/glenux.duplicity/gnupg_backup.passphrase
--pinentry-mode loopback
--import /etc/glenux.duplicity/gnupg_backup.key"
- name: De-armor GPG key
command: "gpg -no-tty
--dearmor
/etc/glenux.duplicity/gnupg_backup.key"
- name: Set GPG key trustlevel
shell: "gpg --with-fingerprint
--no-default-keyring
--secret-keyring /etc/glenux.duplicity/gnupg_backup.key.gpg
--list-secret-keys
--with-colons
| sed -E -n -e 's/^fpr:::::::::([0-9A-F]+):$/\\1:6:/p'
| gpg --import-ownertrust"
#
Reference in a new issue View git blame Copy permalink