Use this role to import PGP keypairs into a host.
Check ./defaults/main.yaml for default values for Ansible variables. The following variables are required for the role to run:
gpg_user
: The user to run the import usinggpg_group
: The system group that should own imported filesgpg_private_key
: Path in your playbooks to fetch the PGP private keygpg_public_key
: Path in your playbooks to fetch the PGP public keygpg_trust_file
: Path in your playbooks containing the exported trust to grant the imported keypair
Playbook to import a PGP keypair might look like:
- name: Import PGP Keys
hosts: all
gpg_user: "ubuntu"
gpg_group: "ubuntu"
gpg_private_key: "files/pgp/priv.key"
gpg_private_key_passphrase: "somesecret"
gpg_public_key: "files/pgp/pub.key"
gpg_trust_file: "files/pgp/ultimate.trust"
roles:
- role: gpg-import
This project is released under the Apache 2 license. Read the LICENSE file for more details.
Update by Ona Engineering