feat: add 1Password installation and configuration tasks
Some checks failed
Nix Format Check / check-format (push) Failing after 39s
Some checks failed
Nix Format Check / check-format (push) Failing after 39s
This commit is contained in:
parent
bb944b21a9
commit
3b9791e648
SSH Key Fingerprint:
SHA256:OJFmjANpakwD3F2Rsws4GLtbdz1TJ5tkQF0RZmF0TRE
@ -26,6 +26,10 @@
|
|||||||
ansible.builtin.import_tasks: tasks/global/openssh-server.yml
|
ansible.builtin.import_tasks: tasks/global/openssh-server.yml
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
|
- name: Include 1Password tasks
|
||||||
|
ansible.builtin.import_tasks: tasks/global/onepassword.yml
|
||||||
|
become: true
|
||||||
|
|
||||||
- name: Ensure common packages are installed
|
- name: Ensure common packages are installed
|
||||||
ansible.builtin.package:
|
ansible.builtin.package:
|
||||||
name:
|
name:
|
||||||
|
|||||||
56
config/ansible/tasks/global/onepassword.yml
Normal file
56
config/ansible/tasks/global/onepassword.yml
Normal file
@ -0,0 +1,56 @@
|
|||||||
|
---
|
||||||
|
- name: Install 1Password CLI
|
||||||
|
block:
|
||||||
|
- name: Add 1Password GPG key
|
||||||
|
ansible.builtin.get_url:
|
||||||
|
url: https://downloads.1password.com/linux/keys/1password.asc
|
||||||
|
dest: /tmp/1password.asc
|
||||||
|
mode: '0644'
|
||||||
|
|
||||||
|
- name: Import 1Password GPG key
|
||||||
|
ansible.builtin.shell: cat /tmp/1password.asc | gpg --dearmor --output /usr/share/keyrings/1password-archive-keyring.gpg
|
||||||
|
args:
|
||||||
|
creates: /usr/share/keyrings/1password-archive-keyring.gpg
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Add 1Password repository
|
||||||
|
ansible.builtin.apt_repository:
|
||||||
|
repo: deb [arch={{ ansible_architecture }} signed-by=/usr/share/keyrings/1password-archive-keyring.gpg] https://downloads.1password.com/linux/debian/{{ ansible_architecture }} stable main
|
||||||
|
filename: 1password
|
||||||
|
state: present
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Create debsig policies directory
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: /etc/debsig/policies/AC2D62742012EA22/
|
||||||
|
state: directory
|
||||||
|
mode: '0755'
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Download and install 1Password policy file
|
||||||
|
ansible.builtin.get_url:
|
||||||
|
url: https://downloads.1password.com/linux/debian/debsig/1password.pol
|
||||||
|
dest: /etc/debsig/policies/AC2D62742012EA22/1password.pol
|
||||||
|
mode: '0644'
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Create debsig keyrings directory
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: /usr/share/debsig/keyrings/AC2D62742012EA22
|
||||||
|
state: directory
|
||||||
|
mode: '0755'
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Download and install debsig GPG key
|
||||||
|
ansible.builtin.shell: curl -sS https://downloads.1password.com/linux/keys/1password.asc | gpg --dearmor --output /usr/share/debsig/keyrings/AC2D62742012EA22/debsig.gpg
|
||||||
|
args:
|
||||||
|
creates: /usr/share/debsig/keyrings/AC2D62742012EA22/debsig.gpg
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Install 1Password CLI
|
||||||
|
ansible.builtin.apt:
|
||||||
|
name: 1password-cli
|
||||||
|
state: present
|
||||||
|
update_cache: true
|
||||||
|
become: true
|
||||||
|
when: ansible_distribution == 'Ubuntu' or ansible_distribution == 'Debian'
|
||||||
Loading…
x
Reference in New Issue
Block a user