---

# Preferably we would use block here, but blocks cannot be used as
# handlers unfortunately.
# @TODO: Looks like include_tasks does not work well with relative
#        paths, unlike the previously used import_tasks. This should
#        be reported upstream, and updated if the relative inclusion
#        ever gets fixed.
- name: Clean-up GnuPG keyring for import of new keys
  include_tasks: "handlers/cleanup_gnupg.yml"

- name: Import private keys
  command: "{{ gnupg_binary }} --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/private_keys.asc"
  tags:
    # [ANSIBLE0012] Commands should not change things if nothing needs doing
    #   This task is invoked only if user is very specific about requiring to
    #   run the handlers manually as a way to bring the system to consistency
    #   after interrupted runs.
    - skip_ansible_lint

- name: Import public keys
  command: "{{ gnupg_binary }} --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/public_keys.asc"
  when: backup_additional_encryption_keys