4 Commits

Author SHA1 Message Date
kris d05c5d3086 Slight tweaks on Ansible output 2023-10-19 16:36:05 -04:00
kris ac412f16ef Simplify the "Import GPG keys" loop 2023-10-19 14:09:10 -04:00
kris 2354a8fb8c Verify successful GPG imports 2023-10-19 13:37:35 -04:00
kris 251a7c0dd5 Import PGP key and verify git commits 2023-10-19 02:56:36 -04:00
2 changed files with 34 additions and 6 deletions
+10 -6
@@ -2,6 +2,11 @@
allow_reboot: false
manage_network: false
# Import my GPG key for git signature verification
root_gpgkeys:
- name: kris@lamoureux.io
id: FBF673CEEC030F8AECA814E73EDA9C3441EDA925
# docker
docker_users:
- vagrant
@@ -10,6 +15,7 @@ docker_users:
#docker_login_user: myuser
#docker_login_pass: YOUR_PASSWD
docker_compose_env_nolog: false # dev only setting
docker_compose_deploy:
# Traefik
- name: traefik
@@ -17,9 +23,8 @@ docker_compose_deploy:
version: 31ee724feebc1d5f91cb17ffd6892c352537f194
enabled: true
accept_newhostkey: true # Consider verifying manually instead
# Must manually add my public GPG key to root's keyring
#trusted_keys:
# - FBF673CEEC030F8AECA814E73EDA9C3441EDA925
trusted_keys:
- FBF673CEEC030F8AECA814E73EDA9C3441EDA925
env:
ENABLE: true
@@ -29,9 +34,8 @@ docker_compose_deploy:
version: 31ee724feebc1d5f91cb17ffd6892c352537f194
enabled: true
accept_newhostkey: true # Consider verifying manually instead
# Must manually add my public GPG key to root's keyring
#trusted_keys:
# - FBF673CEEC030F8AECA814E73EDA9C3441EDA925
trusted_keys:
- FBF673CEEC030F8AECA814E73EDA9C3441EDA925
env:
ENABLE: true
VERSION: "2.10"
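Review bot: The same 40-character fingerprint is now written out three times in this file, as the `root_gpgkeys` id and in both `trusted_keys` lists, and the commit removes the only comment that explained how they relate. A key rotation that updates one place but not the others would presumably either break signature verification or leave the old key trusted for one deployment. A replacement comment above each `trusted_keys`, such as `# Must match an id in root_gpgkeys, which is imported into root's keyring`, would keep that dependency visible. Pinning the full fingerprint rather than a short key ID is the right choice and worth stating in the `root_gpgkeys` comment as well.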
+24
@@ -9,6 +9,30 @@
name: gpg
state: present
- name: Check for existing GPG keys
command: "gpg --list-keys {{ item.id }} 2>/dev/null"
register: gpg_check
loop: "{{ root_gpgkeys }}"
failed_when: false
changed_when: false
when: root_gpgkeys is defined
- name: Import GPG keys
command: "gpg --keyserver {{ item.item.server | default('keys.openpgp.org') }} --recv-key {{ item.item.id }}"
register: gpg_check_import
loop: "{{ gpg_check.results }}"
loop_control:
label: "{{ item.item }}"
when: root_gpgkeys is defined and item.rc != 0
- name: Check GPG key imports
fail:
msg: "{{ item.stderr }}"
loop: "{{ gpg_check_import.results }}"
loop_control:
label: "{{ item.item.item }}"
when: (item.skipped | default(false) == false) and ('imported' not in item.stderr)
- name: Install NTPsec
ansible.builtin.apt:
name: ntpsec
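Review bot: In "Check for existing GPG keys" the `2>/dev/null` is not a redirect, because Ansible's `command` module does not run through a shell and gpg receives it as a second argument. gpg will likely treat it as another key to look up, which may make the check return non-zero even when the key is present and trigger a re-import on every run. Since the output is only registered and `failed_when: false` already tolerates failure, `command: "gpg --list-keys {{ item.id }}"` is enough. Separately, "Check GPG key imports" decides success by looking for the word 'imported' in gpg's human-readable stderr, which depends on locale and message wording. Re-running the `--list-keys` check for the exact fingerprint after the import and failing on a non-zero `rc` would be a firmer test. The task list starts before and continues after this hunk.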