debops.keyring default variables
Global configuration
- keyring__enabled
Enable or disable support for managing APT and GPG keyrings for other roles.
keyring__enabled: True
- keyring__local_path
The path to the directory that contains GPG keys available locally on the
Ansible Controller. A non-absolute path is relative to the files/
directory of the debops.keyring Ansible role; you can also specify an
absolute path to a directory on the Ansible Controller.
Key files are expected to be named in the format: 0xFINGERPRINT.asc
.
keyring__local_path: ''
- keyring__keybase_api
The URL of the Keybase API which should be used to lookup GPG keys not available in the local keyring.
keyring__keybase_api: 'https://keybase.io/'
- keyring__keyserver
The URL of the GPG keyserver to use to retrieve keys that are not available in the local keyring.
keyring__keyserver: 'hkp://keyserver.ubuntu.com'
- keyring__gpg_version
The version of the gpg command in use. This variable is defined via Ansible local facts and can be used for conditional code execution.
keyring__gpg_version: '{{ ansible_local.keyring.gpg_version | d("0.0.0") }}'
APT packages
- keyring__base_packages
List of the default APT packages to install for keyring support.
keyring__base_packages:
- 'curl'
- 'ca-certificates'
- 'gnupg'
- '{{ "apt-transport-https"
if (ansible_distribution_release in
["stretch", "trusty", "xenial"])
else [] }}'
- keyring__packages
List of additional APT packages to install for keyring support.
keyring__packages: []
Dependent configuration variables
- keyring__dependent_gpg_user
Specify the UNIX account on which GPG keys will be managed if the user
parameter is not specified. If the variable is empty, root
GPG keyring
will be used by default. This variable can be set to manage many GPG keys on
an unprivileged UNIX account at once.
keyring__dependent_gpg_user: ''
- keyring__dependent_apt_auth_files
This list defines APT authentication information for repositories which require HTTP Basic Authentication to access. See keyring__dependent_apt_auth_files for more details.
keyring__dependent_apt_auth_files: []
- keyring__dependent_apt_keys
The variable which can be used by other Ansible roles to define what GPG keys should be present in the APT keyring. If you want to define the APT keys via the Ansible inventory, use the debops.apt role instead. See keyring__dependent_apt_keys for more details.
keyring__dependent_apt_keys: []
- keyring__dependent_gpg_keys
The variable which can be used by other Ansible roles to define what GPG keys should be present in an unprivileged UNIX account GPG keyrings. The usage via the Ansible inventory is not supported. See keyring__dependent_gpg_keys for more details.
keyring__dependent_gpg_keys: []