Added role default variable definitions for gpg key management

2025-09-06 13:49:25 -04:00
parent dd29aa7384
commit 6091dfffa1
1 changed files with 3 additions and 6 deletions
--- a/.ansible/roles/lockdown/defaults/main.yml
+++ b/.ansible/roles/lockdown/defaults/main.yml
@@ -2,14 +2,11 @@
 ---
 # defaults file for lockdown
 files_mode: no
-# create_groups:
-#   - group_name: "ftp"
 create_users:
  - username: "{{ hostvars[inventory_hostname]['passwords'][0].username }}"
    password: "{{ hostvars[inventory_hostname]['passwords'][0].password }}"
-    # ssh_authorize: yes
-# web_users:
-#   - caddy
-#   - www-data
 ssh_pubkey_filename_pattern: '.*\.pub'
 include_root_lock: yes
+gpg_private_keys_origin_host: localhost
+gpg_origin_private_keyids: [] # @NOTE list of gpg key ids from origin or source server
+gpg_origin_private_key_passwords: "{{ vaulted_gpg_origin_private_key_passwords }}" # @NOTE list of gpg key passwords from origin or source server