Merge "edit-secrets: configure gpg-agent/emacs"

3 months ago · 6117de7f3c
parent 730fcf0171 35fff9759b
commit 6117de7f3c
1 changed files with 30 additions and 0 deletions
--- a/playbooks/roles/edit-secrets-script/tasks/main.yaml
+++ b/playbooks/roles/edit-secrets-script/tasks/main.yaml
@ -3,3 +3,33 @@
    mode: 0750
    src: edit-secrets
    dest: /usr/local/bin/edit-secrets
+
+- name: Add required emacs configuration
+  lineinfile:
+    path: /root/.emacs
+    regexp: 'epg-pinentry-mode'
+    line: "(setq epg-pinentry-mode 'loopback)"
+    state: present
+    create: yes
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: Ensure gnupg directory
+  file:
+    path: /root/.gnupg
+    state: directory
+    owner: root
+    group: root
+    mode: '0700'
+
+- name: Add required gpg-agent configuration
+  lineinfile:
+    path: /root/.gnupg/gpg-agent
+    regexp: '^allow-loopback-pinentry'
+    line: 'allow-loopback-pinentry'
+    state: present
+    create: yes
+    owner: root
+    group: root
+    mode: '0400'