debops.keyring default variables

Global configuration

keyring__enabled

Enable or disable support for managing APT and GPG keyrings for other roles.

keyring__enabled: True
keyring__local_path

The path to the directory that contains GPG keys available locally on the Ansible Controller. A non-absolute path is relative to the files/ directory of the debops.keyring Ansible role; you can also specify an absolute path to a directory on the Ansible Controller.

Key files are expected to be named in the format: 0xFINGERPRINT.asc.

keyring__local_path: ''
keyring__keybase_api

The URL of the Keybase API which should be used to lookup GPG keys not available in the local keyring.

keyring__keybase_api: 'https://keybase.io/'
keyring__keyserver

The URL of the GPG keyserver to use to retrieve keys that are not available in the local keyring.

keyring__keyserver: 'hkp://keyserver.ubuntu.com'
keyring__gpg_version

The version of the gpg command in use. This variable is defined via Ansible local facts and can be used for conditional code execution.

keyring__gpg_version: '{{ ansible_local.keyring.gpg_version | d("0.0.0") }}'

APT packages

keyring__base_packages

List of the default APT packages to install for keyring support.

keyring__base_packages:
  - 'curl'
  - 'ca-certificates'
  - 'gnupg'
  - '{{ "apt-transport-https"
        if (ansible_distribution_release in
            ["stretch", "trusty", "xenial"])
        else [] }}'
keyring__packages

List of additional APT packages to install for keyring support.

keyring__packages: []

Dependent configuration variables

keyring__dependent_gpg_user

Specify the UNIX account on which GPG keys will be managed if the user parameter is not specified. If the variable is empty, root GPG keyring will be used by default. This variable can be set to manage many GPG keys on an unprivileged UNIX account at once.

keyring__dependent_gpg_user: ''
keyring__dependent_apt_auth_files

This list defines APT authentication information for repositories which require HTTP Basic Authentication to access. See keyring__dependent_apt_auth_files for more details.

keyring__dependent_apt_auth_files: []
keyring__dependent_apt_keys

The variable which can be used by other Ansible roles to define what GPG keys should be present in the APT keyring. If you want to define the APT keys via the Ansible inventory, use the debops.apt role instead. See keyring__dependent_apt_keys for more details.

keyring__dependent_apt_keys: []
keyring__dependent_gpg_keys

The variable which can be used by other Ansible roles to define what GPG keys should be present in an unprivileged UNIX account GPG keyrings. The usage via the Ansible inventory is not supported. See keyring__dependent_gpg_keys for more details.

keyring__dependent_gpg_keys: []