2025-10-02 11:10:27 +02:00
|
|
|
---
|
|
|
|
|
- name: Base user configuration
|
2024-05-03 14:43:49 +02:00
|
|
|
tags: [user:base]
|
|
|
|
|
block:
|
2025-10-02 11:10:27 +02:00
|
|
|
- ansible.builtin.set_fact:
|
2024-05-03 14:43:49 +02:00
|
|
|
user_groups:
|
|
|
|
|
- libvirt
|
|
|
|
|
- wheel
|
|
|
|
|
- wireshark
|
|
|
|
|
- docker
|
|
|
|
|
- sudonopw
|
|
|
|
|
- games
|
|
|
|
|
- kvm
|
|
|
|
|
- video
|
2020-12-08 22:00:44 +01:00
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Create user group
|
|
|
|
|
ansible.builtin.group:
|
2024-05-03 14:43:49 +02:00
|
|
|
name: "{{ user.name }}"
|
|
|
|
|
state: present
|
|
|
|
|
become: true
|
|
|
|
|
become_user: root
|
2019-11-14 09:16:55 +01:00
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Create user
|
|
|
|
|
ansible.builtin.user:
|
2024-05-03 14:43:49 +02:00
|
|
|
name: "{{ user.name }}"
|
|
|
|
|
state: present
|
|
|
|
|
home: "/home/{{ user.name }}"
|
|
|
|
|
create_home: true
|
2025-10-22 00:40:05 +02:00
|
|
|
group: "{{ user.name }}"
|
|
|
|
|
groups: "{{ ['dotfiles'] + user_groups }}"
|
2024-05-03 14:43:49 +02:00
|
|
|
shell: /usr/bin/zsh
|
|
|
|
|
skeleton: /dev/null
|
|
|
|
|
become: true
|
|
|
|
|
become_user: root
|
2019-11-14 09:16:55 +01:00
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Create systemd directory
|
|
|
|
|
ansible.builtin.file:
|
2021-09-25 19:08:16 +02:00
|
|
|
state: directory
|
|
|
|
|
path: "{{ item }}"
|
|
|
|
|
owner: "{{ user.name }}"
|
2024-04-14 02:37:01 +02:00
|
|
|
group: "{{ user.name }}"
|
2021-09-25 19:08:16 +02:00
|
|
|
loop:
|
|
|
|
|
- "/home/{{ user.name }}/.config/"
|
|
|
|
|
- "/home/{{ user.name }}/.config/systemd/"
|
|
|
|
|
- "/home/{{ user.name }}/.config/systemd/user/"
|
|
|
|
|
|
2025-10-10 23:27:44 +02:00
|
|
|
- name: Configure autologin
|
|
|
|
|
when: user.autologin|default(true) is sameas True
|
|
|
|
|
block:
|
|
|
|
|
- name: Create directory for getty autologin
|
|
|
|
|
ansible.builtin.file:
|
|
|
|
|
state: directory
|
|
|
|
|
path: /etc/systemd/system/getty@tty{{ user.vt }}.service.d
|
|
|
|
|
owner: root
|
|
|
|
|
group: root
|
|
|
|
|
mode: "0755"
|
|
|
|
|
become: true
|
|
|
|
|
become_user: root
|
2019-11-14 09:16:55 +01:00
|
|
|
|
2025-10-10 23:27:44 +02:00
|
|
|
- name: Enable getty autologin
|
|
|
|
|
ansible.builtin.copy:
|
|
|
|
|
dest: /etc/systemd/system/getty@tty{{ user.vt }}.service.d/override.conf
|
|
|
|
|
owner: root
|
|
|
|
|
group: root
|
|
|
|
|
mode: "0644"
|
|
|
|
|
content: |
|
|
|
|
|
[Service]
|
|
|
|
|
ExecStart=
|
|
|
|
|
ExecStart=-/sbin/agetty --autologin {{ user.name }} --noclear %I $TERM
|
|
|
|
|
become: true
|
|
|
|
|
become_user: root
|
2019-11-14 09:16:55 +01:00
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Configure dotfiles
|
2019-11-14 09:16:55 +01:00
|
|
|
tags:
|
2024-05-03 16:22:20 +02:00
|
|
|
- user:dotfiles
|
2024-04-26 12:04:12 +02:00
|
|
|
block:
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Load dotfile list
|
|
|
|
|
ansible.builtin.include_vars:
|
2024-04-26 12:04:12 +02:00
|
|
|
file: dotfiles.yml
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Get state of empty directories
|
|
|
|
|
ansible.builtin.stat:
|
2024-04-26 12:04:12 +02:00
|
|
|
path: ~/{{ item.name }}
|
|
|
|
|
register: empty_dir_stat
|
|
|
|
|
with_items: "{{ empty_directories }}"
|
|
|
|
|
check_mode: false
|
|
|
|
|
loop_control:
|
|
|
|
|
label: "{{ item.name }}"
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Remove symlinks
|
|
|
|
|
ansible.builtin.file:
|
2024-04-26 12:04:12 +02:00
|
|
|
path: "{{ item.stat.path }}"
|
|
|
|
|
state: absent
|
|
|
|
|
when: item.stat.exists and item.stat.islnk
|
|
|
|
|
with_items: "{{ empty_dir_stat.results }}"
|
|
|
|
|
loop_control:
|
|
|
|
|
label: "{{ item.item.name }}"
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Create empty directories for dotfiles
|
|
|
|
|
ansible.builtin.file:
|
2024-04-26 12:04:12 +02:00
|
|
|
state: directory
|
|
|
|
|
path: ~/{{ item.name }}
|
|
|
|
|
mode: "{{ item.mode | default('0755') }}"
|
|
|
|
|
with_items: "{{ empty_directories }}"
|
|
|
|
|
loop_control:
|
|
|
|
|
label: "{{ item.name }}"
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Link this folder to ~/.dotfiles
|
|
|
|
|
ansible.builtin.file:
|
2024-04-26 12:04:12 +02:00
|
|
|
state: link
|
|
|
|
|
force: true
|
|
|
|
|
follow: false
|
|
|
|
|
owner: "{{ user.name }}"
|
|
|
|
|
group: "{{ user.name }}"
|
|
|
|
|
path: "/home/{{ user.name }}/.dotfiles"
|
|
|
|
|
src: "{{ playbook_dir }}"
|
|
|
|
|
become: true
|
|
|
|
|
become_user: root
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Get state of copy targets
|
|
|
|
|
ansible.builtin.stat:
|
2024-04-26 12:04:12 +02:00
|
|
|
path: ~/{{ item.to }}
|
|
|
|
|
register: copy_stat
|
|
|
|
|
when: not item.template|default(false)
|
|
|
|
|
with_items: "{{ dotfiles }}"
|
|
|
|
|
check_mode: false
|
|
|
|
|
loop_control:
|
|
|
|
|
label: "{{ item.to }}"
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Remove invalid copy target (symlinks)
|
|
|
|
|
ansible.builtin.file:
|
2024-04-26 12:04:12 +02:00
|
|
|
path: "{{ item.stat.path }}"
|
|
|
|
|
state: absent
|
|
|
|
|
when:
|
|
|
|
|
- not item.skipped is defined or not item.skipped
|
|
|
|
|
- item.stat.exists
|
2024-11-09 18:01:19 +01:00
|
|
|
- item.stat.islnk
|
2024-04-26 12:04:12 +02:00
|
|
|
with_items: "{{ copy_stat.results }}"
|
|
|
|
|
loop_control:
|
|
|
|
|
label: "{{ item.item.from }}"
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Make sure target directories exist
|
|
|
|
|
ansible.builtin.file:
|
2024-04-26 12:04:12 +02:00
|
|
|
state: directory
|
2025-10-02 11:10:27 +02:00
|
|
|
path: "{{ (['/home', user.name, item.to] | join('/')) | dirname }}"
|
2024-04-26 12:04:12 +02:00
|
|
|
owner: "{{ user.name }}"
|
|
|
|
|
group: "{{ user.name }}"
|
|
|
|
|
with_items: "{{ dotfiles }}"
|
|
|
|
|
become: true
|
|
|
|
|
become_user: root
|
|
|
|
|
loop_control:
|
|
|
|
|
label: "{{ item.to }}"
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Copy dotfiles
|
|
|
|
|
ansible.builtin.copy:
|
2024-11-09 18:01:19 +01:00
|
|
|
dest: "/home/{{ user.name }}/{{ item.to }}"
|
2024-04-26 12:04:12 +02:00
|
|
|
src: /var/lib/dotfiles/{{ item.from }}
|
|
|
|
|
owner: "{{ user.name }}"
|
|
|
|
|
group: "{{ user.name }}"
|
2024-11-09 18:01:19 +01:00
|
|
|
when: not item.template|default(false) and not item.dir|default(false)
|
|
|
|
|
with_items: "{{ dotfiles }}"
|
|
|
|
|
become: true
|
|
|
|
|
become_user: root
|
|
|
|
|
loop_control:
|
|
|
|
|
label: "{{ item.to }}"
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Copy directories
|
|
|
|
|
ansible.posix.synchronize:
|
2024-11-09 18:01:19 +01:00
|
|
|
dest: "/home/{{ user.name }}/{{ item.to }}/"
|
|
|
|
|
src: /var/lib/dotfiles/{{ item.from }}/
|
|
|
|
|
archive: false
|
|
|
|
|
owner: false
|
|
|
|
|
group: false
|
|
|
|
|
links: true
|
|
|
|
|
perms: false
|
|
|
|
|
times: false
|
|
|
|
|
recursive: true
|
|
|
|
|
checksum: true
|
|
|
|
|
delete: true
|
|
|
|
|
when: item.dir|default(false)
|
|
|
|
|
with_items: "{{ dotfiles }}"
|
|
|
|
|
become: true
|
|
|
|
|
become_user: root
|
|
|
|
|
loop_control:
|
|
|
|
|
label: "{{ item.to }}"
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Apply directory permissions
|
|
|
|
|
ansible.builtin.file:
|
2024-11-09 18:01:19 +01:00
|
|
|
dest: "/home/{{ user.name }}/{{ item.to }}/"
|
|
|
|
|
owner: "{{ user.name }}"
|
|
|
|
|
group: "{{ user.name }}"
|
|
|
|
|
recurse: true
|
|
|
|
|
when: item.dir|default(false)
|
2024-04-26 12:04:12 +02:00
|
|
|
with_items: "{{ dotfiles }}"
|
|
|
|
|
become: true
|
|
|
|
|
become_user: root
|
|
|
|
|
loop_control:
|
|
|
|
|
label: "{{ item.to }}"
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Get state of template targets
|
|
|
|
|
ansible.builtin.stat:
|
2024-04-26 12:04:12 +02:00
|
|
|
path: ~/{{ item.to }}
|
|
|
|
|
register: template_stat
|
|
|
|
|
when: item.template|default(false)
|
|
|
|
|
with_items: "{{ dotfiles }}"
|
|
|
|
|
check_mode: false
|
|
|
|
|
loop_control:
|
|
|
|
|
label: "{{ item.to }}"
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Remove invalid template target (directory or symlink)
|
|
|
|
|
ansible.builtin.file:
|
2024-04-26 12:04:12 +02:00
|
|
|
path: "{{ item.stat.path }}"
|
|
|
|
|
state: absent
|
|
|
|
|
when:
|
|
|
|
|
- not item.skipped is defined or not item.skipped
|
|
|
|
|
- item.stat.exists
|
|
|
|
|
- not item.stat.isreg
|
|
|
|
|
with_items: "{{ template_stat.results }}"
|
|
|
|
|
loop_control:
|
|
|
|
|
label: "{{ item.item.to }}"
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Deploy dotfiles templates
|
|
|
|
|
ansible.builtin.template:
|
2024-04-26 12:04:12 +02:00
|
|
|
src: /var/lib/dotfiles/{{ item.from }}.j2
|
|
|
|
|
dest: "/home/{{ user.name }}/{{ item.to }}"
|
|
|
|
|
owner: "{{ user.name }}"
|
|
|
|
|
group: "{{ user.name }}"
|
|
|
|
|
force: true
|
|
|
|
|
become: true
|
|
|
|
|
become_user: root
|
|
|
|
|
when: item.template|default(false)
|
|
|
|
|
with_items: "{{ dotfiles }}"
|
|
|
|
|
loop_control:
|
|
|
|
|
label: "{{ item.to }}"
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Remove dotfiles
|
|
|
|
|
ansible.builtin.file:
|
2024-04-26 12:04:12 +02:00
|
|
|
state: absent
|
|
|
|
|
path: "/home/{{ user.name }}/{{ item }}"
|
|
|
|
|
loop: "{{ dotfiles_remove }}"
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Create directories
|
|
|
|
|
ansible.builtin.file:
|
2024-04-26 12:04:12 +02:00
|
|
|
state: directory
|
|
|
|
|
path: "{{ item }}"
|
|
|
|
|
with_items:
|
|
|
|
|
- ~/tmp
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Stat ~/bin
|
|
|
|
|
ansible.builtin.stat:
|
2024-04-26 12:04:12 +02:00
|
|
|
path: "/home/{{ user.name }}/bin"
|
|
|
|
|
register: bin_stat
|
|
|
|
|
check_mode: false
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Remove ~/bin if not a link
|
|
|
|
|
ansible.builtin.file:
|
2024-04-26 12:04:12 +02:00
|
|
|
state: absent
|
|
|
|
|
path: "/home/{{ user.name }}/bin"
|
|
|
|
|
when:
|
|
|
|
|
- bin_stat.stat.exists
|
|
|
|
|
- not bin_stat.stat.islnk
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Link bin directory
|
|
|
|
|
ansible.builtin.file:
|
2024-04-26 12:04:12 +02:00
|
|
|
state: link
|
|
|
|
|
force: true
|
|
|
|
|
follow: false
|
|
|
|
|
path: "/home/{{ user.name }}/bin"
|
|
|
|
|
src: /var/lib/dotfiles/bin
|
|
|
|
|
owner: "{{ user.name }}"
|
|
|
|
|
group: "{{ user.name }}"
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Firefox
|
2021-10-10 17:04:50 +02:00
|
|
|
tags:
|
2024-05-03 16:22:20 +02:00
|
|
|
- user:firefox
|
2020-12-20 20:36:27 +01:00
|
|
|
block:
|
2025-11-11 16:06:49 +01:00
|
|
|
- name: Create firefox base directories
|
|
|
|
|
ansible.builtin.file:
|
|
|
|
|
path: "{{ item }}"
|
|
|
|
|
state: directory
|
|
|
|
|
mode: "0755"
|
|
|
|
|
loop:
|
|
|
|
|
- "~/.mozilla/"
|
|
|
|
|
- "~/.mozilla/firefox/"
|
2024-04-26 12:04:12 +02:00
|
|
|
|
2025-11-11 16:06:49 +01:00
|
|
|
- name: Create firefox profile directories
|
|
|
|
|
ansible.builtin.file:
|
|
|
|
|
path: "~/.mozilla/firefox/profile-{{ item.key }}"
|
|
|
|
|
state: directory
|
|
|
|
|
mode: "0755"
|
2024-04-26 12:04:12 +02:00
|
|
|
loop: "{{ user.firefox_profiles | dict2items }}"
|
2025-11-11 16:06:49 +01:00
|
|
|
loop_control:
|
|
|
|
|
label: "{{ item.key }}"
|
2024-04-26 12:04:12 +02:00
|
|
|
|
2025-11-11 16:06:49 +01:00
|
|
|
- name: Create chrome directory
|
2025-10-02 11:10:27 +02:00
|
|
|
ansible.builtin.file:
|
2025-11-11 16:06:49 +01:00
|
|
|
path: "~/.mozilla/firefox/profile-{{ item.key }}/chrome/"
|
2024-04-26 12:04:12 +02:00
|
|
|
state: directory
|
2025-10-02 11:10:27 +02:00
|
|
|
mode: "0755"
|
2025-11-11 16:06:49 +01:00
|
|
|
loop: "{{ user.firefox_profiles | dict2items }}"
|
2024-04-26 12:04:12 +02:00
|
|
|
loop_control:
|
2025-11-11 16:06:49 +01:00
|
|
|
label: "{{ item.key }}"
|
2024-04-26 12:04:12 +02:00
|
|
|
|
2025-11-11 16:06:49 +01:00
|
|
|
- name: Configure firefox custom css
|
2025-10-02 11:10:27 +02:00
|
|
|
ansible.builtin.copy:
|
2025-11-11 16:06:49 +01:00
|
|
|
dest: "~/.mozilla/firefox/profile-{{ item.key }}/chrome/userChrome.css"
|
|
|
|
|
# from https://www.kvakil.me/posts/2023-09-12-my-tree-style-tab-configuration.html
|
2024-04-26 12:04:12 +02:00
|
|
|
content: |
|
2025-11-11 16:06:49 +01:00
|
|
|
// Hide the title bar.
|
2024-04-26 12:04:12 +02:00
|
|
|
#titlebar {
|
2025-11-11 16:06:49 +01:00
|
|
|
appearance: none !important;
|
|
|
|
|
height: 0px;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#titlebar > #toolbar-menubar {
|
|
|
|
|
margin-top: 0px;
|
2024-04-26 12:04:12 +02:00
|
|
|
}
|
2025-11-11 16:06:49 +01:00
|
|
|
|
|
|
|
|
// Hide regular tab toolbar.
|
|
|
|
|
#main-window[tabsintitlebar="true"]:not([extradragspace="true"]) #TabsToolbar > .toolbar-items {
|
|
|
|
|
opacity: 0;
|
|
|
|
|
pointer-events: none;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#main-window:not([tabsintitlebar="true"]) #TabsToolbar {
|
2024-04-26 12:04:12 +02:00
|
|
|
visibility: collapse !important;
|
|
|
|
|
}
|
2025-11-11 16:06:49 +01:00
|
|
|
|
|
|
|
|
// Hide the side toolbar noise.
|
|
|
|
|
#TabsToolbar {
|
|
|
|
|
min-width: 0 !important;
|
|
|
|
|
min-height: 0 !important;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#TabsToolbar > .titlebar-buttonbox-container {
|
|
|
|
|
display: block;
|
|
|
|
|
position: absolute;
|
|
|
|
|
top: 12px;
|
|
|
|
|
left: 0px;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#sidebar-box[sidebarcommand="treestyletab_piro_sakura_ne_jp-sidebar-action"] #sidebar-header {
|
|
|
|
|
display: none;
|
|
|
|
|
}
|
2024-04-26 12:04:12 +02:00
|
|
|
when:
|
2025-11-11 16:06:49 +01:00
|
|
|
- item.value.manage_css is sameas True
|
|
|
|
|
loop: "{{ user.firefox_profiles | dict2items }}"
|
2024-04-26 12:04:12 +02:00
|
|
|
loop_control:
|
2025-11-11 16:06:49 +01:00
|
|
|
label: "{{ item.key }}"
|
2021-10-02 10:52:59 +02:00
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Handle user units
|
2024-05-05 15:29:55 +02:00
|
|
|
tags:
|
|
|
|
|
- user:units
|
|
|
|
|
block:
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Link user service files
|
|
|
|
|
ansible.builtin.file:
|
2024-05-05 15:29:55 +02:00
|
|
|
state: link
|
|
|
|
|
force: true
|
|
|
|
|
follow: false
|
|
|
|
|
path: "/home/{{ user.name }}/.config/systemd/user/{{ item | basename }}"
|
|
|
|
|
src: "{{ item }}"
|
|
|
|
|
owner: "{{ user.name }}"
|
|
|
|
|
group: "{{ user.name }}"
|
|
|
|
|
with_fileglob: /var/lib/dotfiles/services/*
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Handle autostart units
|
2020-12-20 20:36:27 +01:00
|
|
|
tags:
|
2024-05-03 16:22:20 +02:00
|
|
|
- user:autostart
|
2024-04-26 12:04:12 +02:00
|
|
|
block:
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Create systemd user directory
|
|
|
|
|
ansible.builtin.file:
|
2024-04-26 12:04:12 +02:00
|
|
|
state: directory
|
|
|
|
|
path: ~/{{ item }}
|
|
|
|
|
loop:
|
|
|
|
|
- .config/
|
|
|
|
|
- .config/systemd/
|
|
|
|
|
- .config/systemd/user/
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Link autostart service files
|
|
|
|
|
ansible.builtin.file:
|
2024-04-26 12:04:12 +02:00
|
|
|
state: link
|
|
|
|
|
force: true
|
|
|
|
|
follow: false
|
|
|
|
|
path: "/home/{{ user.name }}/.config/systemd/user/{{ item | basename }}"
|
|
|
|
|
src: "{{ item }}"
|
|
|
|
|
owner: "{{ user.name }}"
|
|
|
|
|
group: "{{ user.name }}"
|
|
|
|
|
with_fileglob: /var/lib/dotfiles/autostart/services/*
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Get state of autostart.target
|
|
|
|
|
ansible.builtin.stat:
|
2024-04-26 12:04:12 +02:00
|
|
|
path: "/home/{{ user.name }}/.config/systemd/user/autostart.target"
|
|
|
|
|
register: autostart_target_stat
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Remove invalid autostart.target
|
|
|
|
|
ansible.builtin.file:
|
2024-04-26 12:04:12 +02:00
|
|
|
path: "/home/{{ user.name }}/.config/systemd/user/autostart.target"
|
|
|
|
|
state: absent
|
|
|
|
|
when:
|
|
|
|
|
- autostart_target_stat.stat.exists
|
|
|
|
|
- not autostart_target_stat.stat.isreg
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Deploy autostart.target
|
|
|
|
|
ansible.builtin.template:
|
2024-04-26 12:04:12 +02:00
|
|
|
src: ./autostart/autostart.target.j2
|
|
|
|
|
dest: "/home/{{ user.name }}/.config/systemd/user/autostart.target"
|
|
|
|
|
owner: "{{ user.name }}"
|
|
|
|
|
group: "{{ user.name }}"
|
|
|
|
|
force: true
|
|
|
|
|
follow: false
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Gpg
|
2024-04-26 12:04:12 +02:00
|
|
|
tags:
|
2024-05-03 16:22:20 +02:00
|
|
|
- user:gpg
|
2025-10-02 11:10:27 +02:00
|
|
|
when: user.gpg_key is defined
|
2024-04-26 12:04:12 +02:00
|
|
|
block:
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Import gpg key
|
|
|
|
|
ansible.builtin.command: gpg --import ./gpgkeys/{{ user.gpg_key.email }}.gpg.asc
|
2024-04-26 12:04:12 +02:00
|
|
|
register: gpg_import_output
|
|
|
|
|
changed_when: not ("unchanged" in gpg_import_output.stderr)
|
|
|
|
|
|
2025-10-02 11:10:27 +02:00
|
|
|
- name: Trust gpg key
|
|
|
|
|
ansible.builtin.shell: "gpg --import-ownertrust <<< {{ user.gpg_key.fingerprint }}:6"
|
2024-04-26 12:04:12 +02:00
|
|
|
args:
|
|
|
|
|
executable: /bin/bash # required for <<<
|
|
|
|
|
register: gpg_trust_output
|
|
|
|
|
changed_when: gpg_trust_output.stderr_lines|length > 0
|
