From 6091dfffa1010da587f5b62c2daabaaa682cad7c Mon Sep 17 00:00:00 2001
From: Alex Tavarez
Date: Sat, 6 Sep 2025 13:49:25 -0400
Subject: [PATCH] Added role default variable definitions for gpg key management
---
 .ansible/roles/lockdown/defaults/main.yml | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/.ansible/roles/lockdown/defaults/main.yml b/.ansible/roles/lockdown/defaults/main.yml
index a09ebc6..7be22b0 100644
--- a/.ansible/roles/lockdown/defaults/main.yml
+++ b/.ansible/roles/lockdown/defaults/main.yml
@@ -2,14 +2,11 @@
 ---
 # defaults file for lockdown
 files_mode: no
-# create_groups:
-# - group_name: "ftp"
 create_users:
 - username: "{{ hostvars[inventory_hostname]['passwords'][0].username }}"
 password: "{{ hostvars[inventory_hostname]['passwords'][0].password }}"
- # ssh_authorize: yes
-# web_users:
-# - caddy
-# - www-data
 ssh_pubkey_filename_pattern: '.*\.pub'
 include_root_lock: yes
+gpg_private_keys_origin_host: localhost
+gpg_origin_private_keyids: [] # @NOTE list of gpg key ids from origin or source server
+gpg_origin_private_key_passwords: "{{ vaulted_gpg_origin_private_key_passwords }}" # @NOTE list of gpg key passwords from origin or source server
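Review bot: The added default `gpg_origin_private_key_passwords` points at `vaulted_gpg_origin_private_key_passwords`, which this patch does not define, so a host without that vaulted variable will hit an undefined-variable error the first time the default is templated, whereas `gpg_origin_private_keyids` safely defaults to `[]`. Making the two agree would look like `gpg_origin_private_key_passwords: "{{ vaulted_gpg_origin_private_key_passwords | default([]) }}"`. The two lists are presumably matched by position, so the `@NOTE` comments should state that they must have the same length and order, since a mismatch would pair a key id with the wrong passphrase. The tasks that consume these values are outside this patch; they should set `no_log: true` so the passphrases do not appear in play output or logs.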