39 lines
1.1 KiB
YAML
39 lines
1.1 KiB
YAML
---
|
|
- name: Acquire GPG private keys from other system
|
|
when: not files_mode
|
|
delegate_to: "{{ gpg_private_keys_origin_host }}"
|
|
ansible.builtin.command:
|
|
argv:
|
|
- gpg
|
|
- -a
|
|
- --export-secret-key
|
|
- "{{ item }}"
|
|
loop: "{{ gpg_origin_private_keyids }}"
|
|
register: gpg_secrets
|
|
- name: Create GPG private keys
|
|
ansible.builtin.copy:
|
|
content: "{{ item }}"
|
|
dest: "{{ ansible_facts['user_dir'] }}/.gnupg/{{ ansible_facts['user_id'] }}-{{ idx }}.priv.asc"
|
|
force: yes
|
|
backup: yes
|
|
mode: "0600"
|
|
state: present
|
|
loop: "{{ gpg_secrets.results }}"
|
|
loop_control:
|
|
index_var: idx
|
|
register: created_gpg_private_keys
|
|
- name: Import GPG private keys
|
|
when: (gpg_origin_private_key_passwords | length) == (gpg_origin_private_keyids | length)
|
|
ansible.builtin.command:
|
|
argv:
|
|
- gpg
|
|
- --batch
|
|
- --import
|
|
- --yes
|
|
- --passphrase-fd
|
|
- 0
|
|
- "{{ item.dest }}"
|
|
stdin: "{{ gpg_origin_private_key_passwords[idx] }}"
|
|
loop: "{{ created_gpg_private_keys.results }}"
|
|
loop_control:
|
|
index_var: idx |