nix: Fixes and gnupg

2023-10-28 23:03:27 +02:00 · 2023-10-28 23:03:27 +02:00 · 0ffe92164d
commit 0ffe92164d
parent 98efabc904
7 changed files with 51 additions and 68 deletions
--- a/config/automatrop/roles/dotfiles/tasks/main.yml
+++ b/config/automatrop/roles/dotfiles/tasks/main.yml
@ -19,12 +19,6 @@
  tags: dotfiles_repo
 # TODO Put actual dotfiles in a subdirectory of the repo, so we don't have to put everything in config

- name: Register as Ansible collection
-  file:
-    state: link
-    src: "{{ ansible_user_dir }}/.dotfiles/config/automatrop"
-    path: "{{ ansible_user_dir }}/.ansible/collections/ansible_collections/geoffreyfrogeye/automatrop"
-
 - name: Install python dependencies for scripts
  pip:
    requirements: "{{ ansible_user_dir }}/.dotfiles/config/scripts/requirements.txt"
--- a/config/automatrop/roles/gnupg/tasks/main.yml
+++ b/config/automatrop/roles/gnupg/tasks/main.yml
@ -1,51 +0,0 @@
- name: Create GnuPG directory
-  file:
-    path: "{{ gnupghome }}"
-    state: directory
-    mode: "u=rwx"
-
- name: Create GnuPG configuration files
-  file:
-    path: "{{ gnupghome }}/{{ item }}"
-    state: file
-    mode: "u=rw,g=r,o=r"
-  loop:
-    - gpg-agent.conf
-    - gpg.conf
-
- name: Configure GnuPG
-  lineinfile:
-    path: "{{ gnupghome }}/gpg.conf"
-    regex: "^#?\\s*{{ item.key }}\\s"
-    line: "{{ item.key }}{% if item.value is defined %} {{ item.value }}{% endif %}"
-  loop:
-    # Remove fluff
-    - key: no-greeting
-    - key: no-emit-version
-    - key: no-comments
-    # Output format that I prefer
-    - key: keyid-format
-      value: 0xlong
-    # Show fingerprints
-    - key: with-fingerprint
-    # Make sure to show if key is invalid
-    # (should be default on most platform,
-    # but just to be sure)
-    - key: list-options
-      value: show-uid-validity
-    - key: verify-options
-      value: show-uid-validity
-    # Stronger algorithm (https://wiki.archlinux.org/title/GnuPG#Different_algorithm)
-    - key: personal-digest-preferences
-      value: SHA512
-    - key: cert-digest-algo
-      value: SHA512
-    - key: default-preference-list
-      value: SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
-    - key: personal-cipher-preferences
-      value: TWOFISH CAMELLIA256 AES 3DES
-
- name: Install Geoffrey Frogeye's key
-  gpg_key:
-    fpr: 4FBA930D314A03215E2CDB0A8312C8CAC1BAC289
-    trust: 5
--- a/config/automatrop/roles/gnupg/vars/main.yml
+++ b/config/automatrop/roles/gnupg/vars/main.yml
@ -1 +0,0 @@
-gnupghome: "{{ ansible_user_dir }}/.config/gnupg"
				`@ -1 +0,0 @@`
				`gnupghome: "{{ ansible_user_dir }}/.config/gnupg"`