Simplify GPG setup for tor browser

This commit is contained in:
Jake Howard 2020-04-04 20:50:27 +01:00
parent 0032eaab15
commit 9eefebe154
Signed by: jake
GPG key ID: 57AFB45680EDD477

View file

@ -2,7 +2,6 @@
set_fact: set_fact:
keys: keys:
- '1EDDE2CDFC025D17F6DA9EC0ADAE6AD28A8F901A' # Sublime Text - '1EDDE2CDFC025D17F6DA9EC0ADAE6AD28A8F901A' # Sublime Text
- 'EF6E286DDA85EA2A4BA7DE684E2C6E8793298290' # Tor Browser
- '9D5F1C051D146843CDA4858BDE64825E7CBC0D51' # ArchStrike - '9D5F1C051D146843CDA4858BDE64825E7CBC0D51' # ArchStrike
- name: Install pacman config - name: Install pacman config
@ -11,33 +10,25 @@
dest: /etc/pacman.conf dest: /etc/pacman.conf
mode: 0644 mode: 0644
- name: "Get installed pacman keys"
shell: "pacman-key --list-keys"
register: pacman_keys
- name: "Get known GPG keys"
shell: "gpg --list-keys"
become: true
become_user: "{{ user }}"
register: known_gpg_keys
- name: "Add keys to pacman" - name: "Add keys to pacman"
shell: "pacman-key -r {{ item }}" shell: "pacman-key -r {{ item }}"
when: "item not in pacman_keys.stdout"
loop: "{{ keys }}" loop: "{{ keys }}"
- name: "Sign keys in pacman" - name: "Sign keys in pacman"
shell: "pacman-key --lsign-key {{ item }}" shell: "pacman-key --lsign-key {{ item }}"
when: "item not in pacman_keys.stdout"
loop: "{{ keys }}" loop: "{{ keys }}"
- name: "Add keys to local keyring" - name: "Add keys to local keyring"
shell: "gpg --recv-keys {{ item }}" shell: "gpg --recv-keys {{ item }}"
become: true become: true
become_user: "{{ user }}" become_user: "{{ user }}"
when: "item not in known_gpg_keys.stdout"
loop: "{{ keys }}" loop: "{{ keys }}"
- name: "Add tor browser key"
shell: "gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org"
become: true
become_user: "{{ user }}"
- name: Create aur_builder user - name: Create aur_builder user
user: user:
name: aur_builder name: aur_builder