debops.keyring default variables

Global configuration


Enable or disable support for managing APT and GPG keyrings for other roles.

keyring__enabled: True

The path to the directory that contains GPG keys available locally on the Ansible Controller. A non-absolute path is relative to the files/ directory of the debops.keyring Ansible role; you can also specify an absolute path to a directory on the Ansible Controller.

Key files are expected to be named in the format: 0xFINGERPRINT.asc.

keyring__local_path: ''

The URL of the Keybase API which should be used to lookup GPG keys not available in the local keyring.

keyring__keybase_api: ''

The URL of the GPG keyserver to use to retrieve keys that are not available in the local keyring.

keyring__keyserver: 'hkp://'

The version of the gpg command in use. This variable is defined via Ansible local facts and can be used for conditional code execution.

keyring__gpg_version: '{{ ansible_local.keyring.gpg_version|d("0.0.0") }}'

APT packages


List of the default APT packages to install for keyring support.

  - 'curl'
  - 'ca-certificates'
  - 'gnupg'
  - '{{ "apt-transport-https"
        if (ansible_distribution_release in
            [ "wheezy", "jessie", "stretch",
              "precise", "trusty", "xenial" ])
        else [] }}'

List of additional APT packages to install for keyring support.

keyring__packages: []

Dependent configuration variables


Specify the UNIX account on which GPG keys will be managed if the user parameter is not specified. If the variable is empty, root GPG keyring will be used by default. This variable can be set to manage many GPG keys on an unprivileged UNIX account at once.

keyring__dependent_gpg_user: ''

This list defines APT authentication information for repositories which require HTTP Basic Authentication to access. See keyring__dependent_apt_auth_files for more details.

keyring__dependent_apt_auth_files: []

The variable which can be used by other Ansible roles to define what GPG keys should be present in the APT keyring. If you want to define the APT keys via the Ansible inventory, use the debops.apt role instead. See keyring__dependent_apt_keys for more details.

keyring__dependent_apt_keys: []

The variable which can be used by other Ansible roles to define what GPG keys should be present in an unprivileged UNIX account GPG keyrings. The usage via the Ansible inventory is not supported. See keyring__dependent_gpg_keys for more details.

keyring__dependent_gpg_keys: []