Changeset - 0848aea59392
Branko Majic (branko) - 4 years ago 2020-01-06 15:49:02
branko@majic.rs
MAR-148: Refactor handling of GnuPG backup client keyring:

- Don't use the include_tasks, it seems to cause more issues than it
helps (with linting etc).
- Directly reference all the relevant handlers as part of notification
instead.
3 files changed with 25 insertions and 33 deletions:
roles/backup_client/handlers/cleanup_gnupg.yml
deleted file
roles/backup_client/handlers/main.yml
---
 

	
 
# Preferably we would use block here, but blocks cannot be used as
 
# handlers unfortunately.
 
# @TODO: Looks like include_tasks does not work well with relative
 
#        paths, unlike the previously used import_tasks. This should
 
#        be reported upstream, and updated if the relative inclusion
 
#        ever gets fixed.
 
- name: Clean-up GnuPG keyring for import of new keys
 
  include_tasks: "handlers/cleanup_gnupg.yml"
 
# Can't use file module, since one of the files (GnuPG socket)
 
# seems to disappear in middle of operation). This is change between
 
# Jessie and Stretch.
 
- name: Remove current keyring
 
  command: "rm -rf /etc/duply/main/gnupg"
 
  args:
 
    warn: false
 
  tags:
 
    # [ANSIBLE0012] Commands should not change things if nothing needs doing
 
    #   This task is invoked only if user is very specific about requiring to
 
    #   run the handlers manually as a way to bring the system to consistency
 
    #   after interrupted runs.
 
    - skip_ansible_lint
 

	
 
- name: Create keyring directory
 
  file:
 
    path: "/etc/duply/main/gnupg"
 
    state: directory
 
    owner: root
 
    group: root
 
    mode: 0700
 

	
 
- name: Import private keys
 
  command: "{{ gnupg_binary }} --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/private_keys.asc"
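Review bot: the justification comment under `tags:` on "Remove current keyring" says the task is invoked only when the user manually forces handlers after an interrupted run, but tasks/main.yml lists this handler directly under `notify:`, so it runs on every change to the key files. Reword the comment to state the actual reason for `skip_ansible_lint` (the `rm -rf` is unconditional because the keyring is rebuilt from scratch before import). Minor points in the same handler block: the comment above the task has a stray closing parenthesis after "operation", and `mode: 0700` on "Create keyring directory" is better written as the quoted string "0700" so it does not depend on YAML octal parsing.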
roles/backup_client/tasks/main.yml
@@ -36,7 +36,8 @@
 
    group: root
 
    mode: 0600
 
  notify:
 
    - Clean-up GnuPG keyring for import of new keys
 
    - Remove current keyring
 
    - Create keyring directory
 
    - Import private keys
 
    - Import public keys
 

	
 
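Review bot: the same list of handler names under `notify:` is spelled out here and again in the next hunk, so any later change to the keyring rebuild sequence has to be repeated in both tasks as well as in handlers/main.yml. Consider giving the keyring handlers a shared `listen:` topic and notifying that single topic from both tasks, which keeps the sequence defined in one place.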
@@ -48,7 +49,8 @@
 
    group: root
 
    mode: 0600
 
  notify:
 
    - Clean-up GnuPG keyring for import of new keys
 
    - Remove current keyring
 
    - Create keyring directory
 
    - Import private keys
 
    - Import public keys
 

	
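Review bot: the order of names under `notify:` reads like an execution sequence, but Ansible runs notified handlers in the order they are defined in handlers/main.yml, not in the order listed here. Since removing the keyring, creating the directory and importing the keys must happen in that order, add a short comment in handlers/main.yml saying the definition order is significant, so a later reshuffle of that file does not leave the backup client with an empty or missing keyring.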