From 8011c1827a1793c3d547fb94ed2d8292c0ac2739 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Hannes=20K=C3=B6rber?= Date: Sat, 2 Oct 2021 12:02:24 +0200 Subject: [PATCH] Add personal gpg key configuration --- _machines/ares.yml | 6 +- _machines/neptune.yml | 6 +- _machines/tb-hak.yml | 6 +- git/gitconfig.j2 | 2 +- gpgkeys/hannes@hkoerber.de.gpg.asc | 109 +++++++++++++++++++++++++++++ user.yml | 16 +++++ 6 files changed, 138 insertions(+), 7 deletions(-) create mode 100644 gpgkeys/hannes@hkoerber.de.gpg.asc diff --git a/_machines/ares.yml b/_machines/ares.yml index 6754d85..56898e6 100644 --- a/_machines/ares.yml +++ b/_machines/ares.yml @@ -14,8 +14,10 @@ users: git_gpg_sign: false gpg_agent: true gpg_agent_for_ssh: true - gpg_keys: - master_key: "0xB5C002530C6A2053" + gpg_key: + email: hannes@hkoerber.de + id: "0xB5C002530C6A2053" + fingerprint: "973AE48D71B76735C4712B5BB5C002530C6A2053" environment: MACHINE_HAS_NEXTCLOUD: "true" has_yubikey: true diff --git a/_machines/neptune.yml b/_machines/neptune.yml index ad5ef4e..a16b6d0 100644 --- a/_machines/neptune.yml +++ b/_machines/neptune.yml @@ -31,8 +31,10 @@ users: git_gpg_sign: false gpg_agent: true gpg_agent_for_ssh: true - gpg_keys: - master_key: "0xB5C002530C6A2053" + gpg_key: + email: hannes@hkoerber.de + id: "0xB5C002530C6A2053" + fingerprint: "973AE48D71B76735C4712B5BB5C002530C6A2053" environment: MACHINE_HAS_NEXTCLOUD: "true" MACHINE_HAS_RESTIC_BACKUP: "false" diff --git a/_machines/tb-hak.yml b/_machines/tb-hak.yml index cb2641f..54ff4fe 100644 --- a/_machines/tb-hak.yml +++ b/_machines/tb-hak.yml @@ -25,8 +25,10 @@ users: git_gpg_sign: false gpg_agent: true gpg_agent_for_ssh: true - gpg_keys: - master_key: "0xB5C002530C6A2053" + gpg_key: + email: hannes@hkoerber.de + id: "0xB5C002530C6A2053" + fingerprint: "973AE48D71B76735C4712B5BB5C002530C6A2053" environment: MACHINE_HAS_NEXTCLOUD: "true" MACHINE_HAS_RESTIC_BACKUP: "false" diff --git a/git/gitconfig.j2 b/git/gitconfig.j2 index a717331..2f36e31 100644 --- a/git/gitconfig.j2 +++ b/git/gitconfig.j2 @@ -3,7 +3,7 @@ email = {{ user.mail }} useConfigOnly = true {% if user.git_gpg_sign|bool %} - signingkey = {{ user.gpg_keys.master_key }} + signingkey = {{ user.gpg_key.id }} {% endif %} [github] user = hakoerber diff --git a/gpgkeys/hannes@hkoerber.de.gpg.asc b/gpgkeys/hannes@hkoerber.de.gpg.asc new file mode 100644 index 0000000..5bde204 --- /dev/null +++ b/gpgkeys/hannes@hkoerber.de.gpg.asc @@ -0,0 +1,109 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBF52F2UBEADVm8w92aR5UoDq94jcCh5hEpbjIWrrmyBb3p7Z4x9loASIDNly +6SrHjpFONw7EdCNzT2zQCCCoKezKfzALuU3xQ3Vl5fhtp3Ij/HGonSEFhz4ibhUC +MsbCsUEU7yG/lzmz0dtk9UIWfVKDe8yhLCVxi+dUi2Lat58daQjO9OGjRP+Z5mMi +ZtGzmV2UQHWmMipKlxx9yDpX5l1i2qduNXfC2ki+uBudzNNaZtwk9t690UXa6DHz +xxnUJqewWG3zyFmhBrixOBF5Pdc+Uy79HOLfifZ+SRSpSKf7Dp7SiUE7XL0slWOD +xxRRZPW5u6heSgFnVCLjtupLUSUCccNnvTKrKB1iOEjkpko7Q7FVMe5bTQOrO1de +cr2PpGC3GeR6K1n0PYAwd49HgVZjCUqXzbz4Zeh9KRuM62geNTZjJxuuP7dbJP86 +p23+7uiODwVhdzvEP/ElYlwEGLGFFurbnqZ3DwFggdrQ6cOkSjQblt6xzxxlROo4 +HoyupyNz4I5yWqN+k4wk2+1A8TsSwKh1PAHG7C2LLZsKn4pSsdYgoaQaYsod89kZ +mA1Sr4IEe9rhG6TnofxHqHegzifPM0XPmYlwVccAF+lb+CrvWbSBHHA5FVE/PCBe +Xc4GYWghnobhK8kfgFZhr8BrBFFH+sAw8CYNbgg7O90HK7jnK79BlgU31QARAQAB +tCNIYW5uZXMgS8O2cmJlciA8aGFubmVzQGhrb2VyYmVyLmRlPokCTAQTAQoANhYh +BJc65I1xt2c1xHErW7XAAlMMaiBTBQJedhdlAhsBBAsJCAcEFQoJCAUWAgMBAAIe +AQIXgAAKCRC1wAJTDGogUyIxEACZXR+fN+bb6PYW821k8oXO/MvNiiqtWC9CuLjP +y1/eu/ZJUmeOca/8HsJsp0hOAJ7oUn3MBiW7gCVZ/2hQ+ywCtcDWp2PElutCiAyg +QgN1IEg9RAcx+7RmHC0SEafhnyT4ogi7hJ9SK3kPnf5Ryli6qNFAWb3dtfSENYLK +dqtzMi9+CvcsNKKMN+yhubVrQi5MHlqu7L4bdE4BW5bzsbbhLaPfmc/JYFkImF5v +dXnOBA9gx2bVREoTw/GPioed9hpPu1ZWZC5we+WD4eEGrQD/LG/XyGUh6wQwsC7P +aMXOydok7DHzUrCdvZ372Giv71cNV1++e6G+PdEqVo2FCp04Syzug5GwRbSAZ9B3 +1tqYV6L5SZh0TIjHNtuWTPq9dzpqVJJSxZdwvlgsv7Ni6GHYUrgTShza/+vXE1UE +2MCoLCK0ZrdeMd8m7VMom3WIiV+N28MsKVCoYDLd0LMOrmhDDap16SGJYs/dB4lo +a931k7ejOG68G2ViLJmRapkzEWH3TujYNyh4O7S6LuHwNvG6lyAyn9UTVSAaPT+t +BV4zfd4UfKhYcKSm+aQuJ5RrZ+2l8YU87daeE2JXy1/z9I0C/YqbT8yHMqUi4Fzy +VhfTAPm2lCLPomFmoS8fp2oNDt3s7AOQH2zOsimhA6pMTek/sKtywjRQ0TdXH2OA +p2B10rkCDQRedheFARAAl4cEamPYTwineGIBGubqhznKQhUJhm1P3AbwOfzYloxg +3wvq1njY0+1UY8HtV7EZ7xd1PpUgRxcA8paj2ootMwHM2TRxXad/EgpegfWNANQV +YnDQj8Zqabrf3Orue93pLeRir38kOzX1qcOz72G6HDJWSQZLqF6LWJ9GehDpf9VB +/K/8nXdEes2nLdffkR2blH5ltcM0kMak0tI3+5SnQCs1MmFWzSq+BFVYI5fT8hBf +MCskiypF05E0Np7t0C5dQmToPPv5w6flUIJn3h7BfUYAi9uOdUfAykI57hXUWUlV +gli5IJfDTYt/Y849vh3FH2qn0syQ425a8RqH5WLohH0qJ+A3nuOp6JfKGEFOiYxp +9Y5tn6zEfqGC+D/xWnGGgfc6IMQVGYbWvqHRqMQquV1bD3rd7dDOE3QdkBvxpcVv +1EeKfA36wRtlFyKgdHE0QiVD9VeCtGW1diFD3hEK+FqVdaxX45800gPjFIuzKOkv +zoVzYxrUCSACs+6QyyXP8I1zMX9SXRvEg02MmpohwmEhSgotOMcjbWNyVFNfCAaS +bCt9PyaWsz+qe2gGLAiYo2vvBij543vBgATSbFjhoM683gzo73AOYhaauULsy3Kq +yfolj6TwGyEg7wvMO6YLttKCahjyz5isiAcf4fSNqWG0zSnBf6n7HXdtTjjsfx8A +EQEAAYkEbAQYAQoAIBYhBJc65I1xt2c1xHErW7XAAlMMaiBTBQJedheFAhsCAkAJ +ELXAAlMMaiBTwXQgBBkBCgAdFiEEyitwWoxynRUrXLoQzSinzDExgBcFAl52F4UA +CgkQzSinzDExgBeCDw//WMa8qm/tBpr4BskpctySvIwiOf35o+cMAYvego94NkrY +wuASAn3/2QsaZvZnYdJfCrzchCA30QZxRWAvkHIJ/zXZ1ayugsnEypvhw23012Xr +KKMXyd6iuZdmbE1Umj6R1/LbdNjddqglR9AmKaOYaDzjpPuuirDbllRGh/7lluZq +q8BmPvFe6Cl8FIijx03RfCbYSvQQRH10IBeJ+z+eE7z7FRspf4kJ6vXAbbSlKoRR ++PcA+Yc7meW+dvMnRpczGDvDbl522Mw2pxV3p4aN8TSMwSWztD4koXo4KCklFPh5 +M4R4HbZFEZj4i8BU+cbsQscJ4jHqrCK/qPSRx103ikVqwOElZkYqKthnrQ7rxO7S +0CZOKzlK56Vl9LbnYE0nTHqZOxf9k9Z1ue9aVCRXWcQhCUVm9CLUegZz4DJtK9vl +ntdYTKPRmMCUw407rhkEFA3bQc9l56GP5ARc6NN9C0fbz2PgIryuLP4BvR/BIV4L +qLBgGfztN3KjHYI2RWAw3OcaxU7UhmXbCFvy6j/PVJckHNheqaIm/+wyDt+/rXf0 +3zc9YiEHrvGmmX+6VYlv8iE4sp2ye4EF0XSGm23/gKmvkF5jVuaB4OJeHYIQfOVP +nnmsDan2NZ2znE5UmaqgxvxAuQh+XVjKlSUfeff+9XCscQvzuNBC39V+S+cJLoNm +LA//Xd2Ic6Y9o44TaN1mDx031oYZjcmHq1YbwQbYnQj/uZZQHM4b62qMCCkdfsnU +KgeIJU78BxAj2vCgWI025K7un7Sh9q3cZdafOgcNz8YaXV9Nm0f6fLFsdTWbEvQ0 +Y1cHJlh6WKDV2lVtdgoEMSN73U3hohJhsldRengydb4/Cf8pZRJgatyXN+b7Hsg5 +h9LOAZRF4Om3A84QH7oYfOfeiwqGXzFE+lLqsPhwNUVnRJd98fjxYKdKz/3hNT5c +Pq/0/C+ivpAI3Kk1tecafhb0YSoFUEhZlnl/SSuTALvFdJGjpopbTL0M3YCcgh9v +tXb8Dcq7BEphWSeWP4Torbq17pLSlG65bgoZXoABYWCPSZiQCKDNXa2wqC3it5J9 +wURL9AOCsJCvqh798WLlNHaz9hnh76UF3idDI5SgJGEOAPStv3EGX/HhjOzUQPD+ +ixlXM63vmhCHxV9pnIURpBFhDUS/hs7apVm8pKzSv7PRQ5iu9RDbWUAWdyMlWPW9 +TglATGSMFpxGYTJiC+pHH24FCm6wR8D8LYnKkqxzd+nqFljvfEmQ70rIyUA1I3/6 +kCxGf7yKxTr2anV7tOFkNcCuj/ZSkb8CC6BCVk1HeE6h/hks78PdlLJr5zrSPxvP +U1iRM6NebRd4W990XCPw6ZHDm0CngSNU7s+7peB0M+pEaYO5Ag0EXnYXoQEQANxF +tmQz1jowITJ60eY/q7fWVv/w1CTT/ynAqPPgKw/MtGVBe8BWUJKufnxbNgn6ZamX +PU/Uq4x8QKMgbuqvaInHM3MvIqg0xoQ8qz4VBnc0Q0w0+G78UMcjzzAKJBDp1Qfy +zTvfPBD65fL+l2kFIyy9409uhzLnsvADE0saNmslfkVxyp8u+IYRVOjLpbKqJfrq +VDFTe3sktGSjlyWGHFKCx+xDGiJaAr/Qj0W/XH382nnC8dOhs96frQxz+cnwr4Uw +sH1jNfY5zrXcqjxekoNhgrYBflAkHyyiVp8HRepPWFxMnXtT2Z4bdtzIJVSOwko0 +j91MItL5KyHt5pOS3sJM5wCwno3Tg8zgzbD3AZJoWSbBSKip6e8CQ0uvFcoGcpya +IYJ38k7+yUihGfGCcPbKxdyFsHHxdIb0oVZAr9D2f9EsCzUvga4pH3yeMVKv0KWG +2n4zLOJiZ4mvchBJjzBwuy2UCJS6yH+7EmAlkxZGEVcXUN5X+LksmRfr8kSMwjWj +BlJyOCyKU4Jw/AFFarJlQ+5VieI9ISotXMrIS2VvqDexnxJo1vRzMvaNxK8uwaR7 +eT9h/oI1vEEkrh6aqsIZlj7Owf2TI+ve4JGJ1G+keP/1Ko1kNA+X4Trg3FAy0PR7 +Eg2iBpjxGyEOVe2K/QGnDpMSO6ISot4UgRDK+29fABEBAAGJAjYEGAEKACAWIQSX +OuSNcbdnNcRxK1u1wAJTDGogUwUCXnYXoQIbDAAKCRC1wAJTDGogU/aMEACrQCrW +Skyx2waPZk9PBoG1z+CypabL+NwSoPzNdsQcPPB3FlByJSm48aqamXJUH7srCkr/ +aT9GoPktdjstDoloLJ1gwvRiI0ccmwFBrkUU9wwn8mm/x+drktOOniUQA0qT/jvO +VNYgbfUVmfht6rTfVYlpGK1MxsTgEGvhFw/2PK6tibBnPW9d+3UFVWVELtq6r72H +l/ndkMOV2tnfBaEpRl94KHn7By0rjDUVQIOxFr73G4rWzU3h3OLHPXDPLa7zM9xF +Wn9f72L6UJ9MLbR43RCyrAfBFaF064BUwYpg//oaxAsbEl9FTmWV+IwywpufVRMu ++hujYyIsMdIUvEohyUXwSsDDLgCJspWkzCfPBaL0vBDQ3l8LshKoa/uFQ20tWhzH +D63XjRIAG2q/9e3E/HBBjpRoudsNJKSjbH2YH30+Uzpgc11hh2sgYRIPKWSUN3rN +/lOBF56YSoFCf35D41VVGmWPcm3Yz7hsSKNSEdH9FL2m8a2sIVOuzup00PlrQLiq +IrVZBHXAWk4FgqSLQLnxAX3X3Ot1OiBnqaIJZ1Q+hmRCbtOXuq964okyWs6l8FPS +Qg2ZEOEjc6q4uvdgV8duF8bX8t6mpwMxF0FvVRULzWKmki6P3fvpfel8Qj1my2mv +veIpzfWOcpxWhH+qvchT3gLmu/Hp8TJ+CF4VsrkCDQRedhezARAAsTrVcc970S+0 +lGVTvPfUVHIPQYg7mXz1H7Hfb9wBzsDb0lbCzm6qtEIMGo5kzC/Z0Wc1+5HO0Zhb +V2ecqTJMhCfadeK2FymCoS6hDOD2s9JVGoEIctLHWIo7WsjbDOZblN8pOmuBfz5G +p6awxhBLSTzCwsKQzg08JRO0x7xbSVy52HhbRdgySp1HD+hPTFhmDNc2Ha5n+N6c +VoNmFxY6MixJDsuk1Y46sM/rSmuvuGEahVjcl3BFqiNmS6h0c2U77vuOoLJ0fvB3 +C6aL94o/zK9I2EieL6jBs9cnyp67CmVKdCIb5T2Gxo3XC9e8WGpntlK6D0vAM1ln +oMqnhBYeeKpgqxVcP7sBK3FnFCV9yhIo63OPA2GVAStPb5xRXFyGEf3HxVqUxoZ6 +pcKfxAGgXkd86+oUupS/l5bjCIxx5ME/3g92MnRMAAY2ycASaeT3WEeDP20h7jqA +h+nf1N+jqZMMHpMmClrxKMcT0iSFgstQKSC0GZlrnLSBXPEkH0l30YnzxAwZy/YT +c819NG3g2JkunDyD9EyKmvX3S9QHjuvE5O6Ou39nAhNdUEx+xSPSY4bkPzOHTvI1 +MO5JrRginUXjSLmGFN8WQeMHRR7P+VMUTgsBGZ7/t7lgIB24HNeFy1rpzfT/ZrDs +WCxz1SSv13HYR71kpkHTauGo68vx/pEAEQEAAYkCNgQYAQoAIBYhBJc65I1xt2c1 +xHErW7XAAlMMaiBTBQJedhezAhsgAAoJELXAAlMMaiBTxnUQAM2TtUXzmWLG1tKD +mkYeOCPoFTIwp9b8QKIPwWGtijoJEmjrvJcCd+EUnqP1iZBl2Qee5iCeiFUoNPx3 +M93zpDLwjHX7r9jLbWaRkyCTX0fsq/p9zDpUM5BbGyZEZwmZ3nW5YYRIlJNkQuyV +bGpIfI+DGMLn5KFq2pVOwyYWLmJ74Lnv/vJYgkNxg70wvjiE7RYEoY0WrDP13QQJ +aaXdmcHkteov76ElM09wOKPdCFP9AIlmUgRYKu0jb4upQosjpfR7sCf6QtCHCDOC +zwzvLk3VgrBKkcLKwFEhYx0LYBmgPjQ5CYvnaXBXyQsn+xUwqQs3OhcTD7/fnEYu +4zkdkNTUtaBNxbqbV6V5Ti0odFQXHHrJ/ugPRHIgBdqXLiVQI4pxKNJhtr6HMWb0 +zjde4Mho/IuOJLYEpHDVUj00RLUCsh1IkgdbRTEaHaeUzpFCf/zGnds6RIrEPBJm +tubuWXFFVG3d2LkUYkDAWGLE/IQLkeZPpnKCiTNyNvou5E/6BDeZGfnZA8fYAyGR +2h6aOZkt/4XL7Ot1bgbhNbEABwqSrsRXVFfJ85j+p+2D/iUi/wqyCBA0wDq9omog +rtNwEHwgQ9/++N3bX0KZKY5S7LXaHWWkXRuNDV2Zx2Vb4PpGmOjlZxKvyLtKgwwz +imtrGD9EhItdmZ8PBdC2kAx3vWEM +=553W +-----END PGP PUBLIC KEY BLOCK----- diff --git a/user.yml b/user.yml index 1fae5a3..c0d7a8e 100644 --- a/user.yml +++ b/user.yml @@ -568,3 +568,19 @@ tags: - autostart + +- block: + - name: import gpg key + command: gpg --import ./gpgkeys/{{ user.gpg_key.email }}.gpg.asc + register: gpg_import_output + changed_when: not ("unchanged" in gpg_import_output.stderr) + + - name: trust gpg key + shell: "gpg --import-ownertrust <<< {{ user.gpg_key.fingerprint }}:6" + args: + executable: /bin/bash # required for <<< + register: gpg_trust_output + changed_when: gpg_trust_output.stderr_lines|length > 0 + + when: user.gpg_key is defined + tags: [gpg]