Adding gopass apt sources

.github/workflows/ansible-alpine-latest.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check alpine:latest
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with alpine:latest
-        uses: roles-ansible/check-ansible-alpine-latest-action@master
-        with:
-          targets: "./"

.github/workflows/ansible-archlinux-latest.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check archlinux:latest
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with archlinux:latest
-        uses: roles-ansible/check-ansible-archlinux-latest-action@master
-        with:
-          targets: "./"

.github/workflows/ansible-centos-centos7.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check centos:centos7
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with ubuntu:centos7
-        uses: roles-ansible/check-ansible-centos-centos7-action@master
-        with:
-          targets: "./"

.github/workflows/ansible-centos-centos8.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check centos:centos8
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with ubuntu:centos8
-        uses: roles-ansible/check-ansible-centos-centos8-action@master
-        with:
-          targets: "./"

.github/workflows/ansible-centos-latest.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check centos:latest
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with ubuntu:latest
-        uses: roles-ansible/check-ansible-centos-latest-action@master
-        with:
-          targets: "./"

.github/workflows/ansible-debian-bullseye.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check debian:bullseye
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with debian:bullseye
-        uses: roles-ansible/check-ansible-debian-bullseye-action@main
-        with:
-          targets: "./"

.github/workflows/ansible-debian-buster.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check debian:buster
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with debian:buster
-        uses: roles-ansible/check-ansible-debian-buster-action@master
-        with:
-          targets: "./"

.github/workflows/ansible-debian-latest.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check debian:latest
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with debian:latest
-        uses: roles-ansible/check-ansible-debian-latest-action@master
-        with:
-          targets: "./"

.github/workflows/ansible-debian-sid.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check debian:sid
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with debian:sid
-        uses: roles-ansible/check-ansible-debian-sid-action@master
-        with:
-          targets: "./"

.github/workflows/ansible-debian-stable.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check debian:stable
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with debian:stable
-        uses: roles-ansible/check-ansible-debian-stable-action@master
-        with:
-          targets: "./"

.github/workflows/ansible-debian-stretch.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check debian:stretch
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with debian:stretch
-        uses: roles-ansible/check-ansible-debian-stretch-action@master
-        with:
-          targets: "./"

.github/workflows/ansible-fedora-31.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check fedora:31
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with fedora:31
-        uses: roles-ansible/check-ansible-fedora-31-action@master
-        with:
-          targets: "./"

.github/workflows/ansible-fedora-32.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check fedora:32
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with fedora:32
-        uses: roles-ansible/check-ansible-fedora-32-action@master
-        with:
-          targets: "./"

.github/workflows/ansible-fedora-33.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check fedora:33
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with fedora:33
-        uses: roles-ansible/check-ansible-fedora-33-action@master
-        with:
-          targets: "./"

.github/workflows/ansible-fedora-latest.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check fedora:latest
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with fedora:latest
-        uses: roles-ansible/check-ansible-fedora-latest-action@master
-        with:
-          targets: "./"

.github/workflows/ansible-linting-check.yml

@@ -1,22 +0,0 @@
----
-name: Ansible Lint check
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: Lint Ansible Playbook
-        uses: ansible/ansible-lint-action@master
-        with:
-          targets: "."
-          # [required]
-          # Paths to ansible files (i.e., playbooks, tasks, handlers etc..)
-          args: ""
-          # [optional]

.github/workflows/ansible-ubuntu-bionic.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check ubuntu:bionic
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with ubuntu:bionic
-        uses: roles-ansible/check-ansible-ubuntu-bionic-action@master
-        with:
-          targets: "./"

.github/workflows/ansible-ubuntu-latest.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check ubuntu:latest
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with ubuntu:latest
-        uses: roles-ansible/check-ansible-ubuntu-latest-action@master
-        with:
-          targets: "./"

.github/workflows/ansible-ubuntu-trusty.yml

@@ -1,18 +0,0 @@
----
-name: Ansible check ubuntu:trusty
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: ansible check with ubuntu:trusty
-        uses: roles-ansible/check-ansible-ubuntu-trusty-action@master
-        with:
-          targets: "./"

.github/workflows/yamllint.yaml

@@ -1,22 +0,0 @@
----
-name: 'Yamllint GitHub Actions'
-
-# yamllint disable-line rule:truthy
-on: [push, pull_request]
-
-jobs:
-  yamllint:
-    name: 'Yamllint'
-    runs-on: ubuntu-latest
-    steps:
-      - name: 'Checkout'
-        uses: actions/checkout@master
-      - name: 'Yamllint'
-        uses: karancode/yamllint-github-action@master
-        with:
-          yamllint_file_or_dir: '.'
-          yamllint_config_filepath: './.yamllint'
-          yamllint_strict: false
-          yamllint_comment: true
-#       env:
-#         GITHUB_ACCESS_TOKEN: ${{ secrets.GITHUB_TOKEN }

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2021 L3D <l3d@c3woc.de>
+Copyright (c) 2023 L3D <l3d@c3woc.de>
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -1,2 +1,3 @@
-# ansible_role_template
-Template for Ansible roles
+# Gopass Ansible Rolle
+
+Ansile role to install the Password Manager [gopass](https://www.gopass.pw/). Gopass is a simple but powerful password manager for your terminal. And it is 100% API Compatible to the standard unix password manager [pass](https://passwordstore.org).

defaults/main.yml

@@ -1,3 +1,4 @@
 ---
+gopass__add_apt_repo: true
 # should we do a version check? (recomended)
 submodules_versioncheck: false

handlers/main.yml

@@ -0,0 +1,5 @@
+---
+- name: Trigger apt update
+  become: true
+  ansible.builtin.apt:
+     update_cache: true

tasks/gopass-install/install-on-debian.yml

@@ -0,0 +1,39 @@
+---
+- name: Update apt cache
+  become: true
+  ansible.builtin.apt:
+    cache_valid_time: 3600
+
+- name: Adding Gopass Package Repository
+  when: gopass__add_apt_repo | bool
+  block:
+    - name: Add Gopass archive keyring
+      ansible.builtin.get_url:
+        url: https://packages.gopass.pw/repos/gopass/gopass-archive-keyring.gpg
+        dest: "{{ gopass__keyring }}"
+        owner: root
+        group: root
+        mode: 0644
+      become: true
+
+    - name: Add Gopass repository source
+      become: true
+      ansible.builtin.template:
+        src: "templates/apt.gopass.sources.j2"
+        dest: '/etc/apt/sources.list.d/gopass.sources'
+        mode: 0644
+        group: root
+        owner: root
+      notify: Trigger apt update
+
+    - name: Trigger Handlers
+      ansible.builtin.meta: flush_handlers
+
+    - name: Install Gopass and Gopass archive keyring
+      ansible.builtin.apt:
+        name: "{{ item }}"
+        state: present
+      become: true
+      with_items:
+        - gopass-archive-keyring
+        - gopass

tasks/main.yml

@@ -1,4 +1,14 @@
 ---
-- name: run optional versionscheck
+- name: Run optional versionscheck
   ansible.builtin.include_tasks: versioncheck.yml
-  when: submodules_versioncheck|bool
+  when: submodules_versioncheck | bool
+
+- name: Install GoPass Packages
+  ansible.builtin.include_tasks: "{{ lookup('ansible.builtin.first_found', gopass_install) }}"
+  vars:
+    gopass_install:
+      files:
+        - "install-on-{{ ansible_os_family | lower }}.yml"
+        - 'install-gopass-default.yml'
+      paths:
+        - 'tasks/gopass-install'

tasks/versioncheck.yml

@@ -8,37 +8,37 @@
     path: '/etc/.ansible-version'
     state: directory
     mode: 0755
-  when: submodules_versioncheck|bool
+  when: submodules_versioncheck | bool
 
-- name: check playbook version
+- name: Check playbook version
   become: true
   ansible.builtin.slurp:
     src: "/etc/.ansible-version/{{ playbook_version_path }}"
   register: playbook_version
-  when: submodules_versioncheck|bool
+  when: submodules_versioncheck | bool
   ignore_errors: true
   failed_when: false
 
 - name: Print remote role version
   ansible.builtin.debug:
     msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}"
-  when: submodules_versioncheck|bool
+  when: submodules_versioncheck | bool
 
 - name: Print locale role version
   ansible.builtin.debug:
-    msg: "Local role version: '{{ playbook_version_number|string }}'."
-  when: submodules_versioncheck|bool
+    msg: "Local role version: '{{ playbook_version_number | string }}'."
+  when: submodules_versioncheck | bool
 
 - name: Check if your version is outdated
   ansible.builtin.fail:
     msg: "Your ansible module has the version '{{ playbook_version_number }}' and is outdated. You need to update it!"
   when:
-    - playbook_version.content|default("Mgo=")|b64decode|int - 1 >= playbook_version_number|int and submodules_versioncheck|bool
+    - playbook_version.content | default("Mgo=") | b64decode | int - 1 >= playbook_version_number | int and submodules_versioncheck | bool
 
-- name: write new version to remote disk
+- name: Write new version to remote disk
   become: true
   ansible.builtin.copy:
     content: "{{ playbook_version_number }}"
     dest: "/etc/.ansible-version/{{ playbook_version_path }}"
     mode: '0644'
-  when: submodules_versioncheck|bool
+  when: submodules_versioncheck | bool

templates/apt.gopass.sources.j2

@@ -0,0 +1,6 @@
+Types: deb
+URIs: https://packages.gopass.pw/repos/gopass
+Suites: stable
+Architectures: amd64 arm64 armhf
+Components: main
+Signed-By: {{ gopass__keyring }}

vars/main.yml

@@ -1,4 +1,5 @@
 ---
+gopass__keyring: /usr/share/keyrings/gopass-archive-keyring.gpg
 # versionscheck
 playbook_version_number: 02   # should be a integer
-playbook_version_path: 'role-<some_unique_string>.version'
+playbook_version_path: 'l3d.gopass.version'