diff --git a/roles/backup_client/handlers/cleanup_gnupg.yml b/roles/backup_client/handlers/cleanup_gnupg.yml
new file mode 100644
index 0000000000000000000000000000000000000000..a5bcd375f902f0caf4dcb1f9a14c0843890c4a21
--- /dev/null
+++ b/roles/backup_client/handlers/cleanup_gnupg.yml
@@ -0,0 +1,23 @@
+---
+
+# Can't use file module, since one of the files (GnuPG socket)
+# seems to disappear in middle of operation). This is change between
+# Jessie and Stretch.
+- name: Remove current keyring
+ command: "rm -rf /etc/duply/main/gnupg"
+ args:
+ warn: false
+ tags:
+ # [ANSIBLE0012] Commands should not change things if nothing needs doing
+ # This task is invoked only if user is very specific about requiring to
+ # run the handlers manually as a way to bring the system to consistency
+ # after interrupted runs.
+ - skip_ansible_lint
+
+- name: Create keyring directory
+ file:
+ path: "/etc/duply/main/gnupg"
+ state: directory
+ owner: root
+ group: root
+ mode: 0700
diff --git a/roles/backup_client/handlers/main.yml b/roles/backup_client/handlers/main.yml
index 539fd3a5361388dd63808352c268b5587fee1113..50f61d69f87cabb08b13a0aaeff4bb18a4f5433d 100644
--- a/roles/backup_client/handlers/main.yml
+++ b/roles/backup_client/handlers/main.yml
@@ -1,20 +1,9 @@
 ---
+# Preferably we would use block here, but blocks cannot be used as
+# handlers unfortunately.
 - name: Clean-up GnuPG keyring for import of new keys
- block:
- # Can't use file module, since one of the files (GnuPG socket)
- # seems to disappear in middle of operation).
- - name: Remove current keyring
- command: "rm -rf /etc/duply/mian/gnupg"
- args:
- warn: false
- - name: Create keyring directory
- file:
- path: "/etc/duply/main/gnupg"
- state: directory
- owner: root
- group: root
- mode: 0700
+ import_tasks: cleanup_gnupg.yml
 - name: Import private keys
 command: "{{ gnupg_binary }} --homedir /etc/duply/main/gnupg --import /etc/duply/main/private_keys.asc"
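Review bot: In `cleanup_gnupg.yml`, the `Remove current keyring` task deletes the GnuPG home directory while something still appears to be using it. The comment about the socket vanishing mid-operation suggests a running agent for that homedir, which is only inferred here. Stopping the agent in a preceding task would make the removal deterministic, for example `gpgconf --homedir /etc/duply/main/gnupg --kill gpg-agent` if the installed GnuPG supports it. Adding `removes: /etc/duply/main/gnupg` under `args:` would make the command a no-op when the directory is already gone, which should also remove the need for the `skip_ansible_lint` tag. Since this directory holds the private keys, I would also quote the permission as `mode: "0700"` so it never depends on YAML integer parsing.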
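Review bot: In `handlers/main.yml`, `import_tasks` is a static import, so the handler name `Clean-up GnuPG keyring for import of new keys` may no longer exist at run time. Any `notify:` that still references it could then silently fail to trigger the cleanup, depending on the Ansible version; the notifying tasks are outside this hunk. If that happens, `Import private keys` adds the new keys on top of the old keyring, so rotated or revoked keys stay in `/etc/duply/main/gnupg`. Either notify the imported task names, add `listen: "Clean-up GnuPG keyring for import of new keys"` to both tasks in `cleanup_gnupg.yml`, or use `include_tasks: cleanup_gnupg.yml`. Then confirm with a run that actually changes the key files.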