---
- name: set defaut gpg options
  become: true
  template:
    src: gpg.conf.j2
    dest: "{{ gpg_home }}/.gnupg/gpg.conf"
    mode: '0600'
    owner: "{{ rootUser }}"

- name: copy default template for gpg key generation
  become: true
  template:
    src: gen-key-script
    dest: "{{ gpg_home }}/.gnupg/gen-key-script-{{ rootUser }}"
    mode: '0600'
    owner: "{{ rootUser }}"

- name: create some required file
  become: true
  shell: "gpg --list-secret-keys --keyid-format LONG"

- name: When starting fresh we need to make sure we have rng-tools
  become: true
  apt:
    name: rng-tools
    state: present
  ignore_errors: true

- name: Add HRNGDEVICE=/dev/urandom so we can execute rngd
  become: true
  lineinfile:
    path: /etc/default/rng-tools
    line: HRNGDEVICE=/dev/urandom
    insertafter: last

- name: generate randomness
  become: true
  shell: "sudo /etc/init.d/rng-tools restart"
  ignore_errors: true

- name: generate gpg key
  become: true
  shell: "sudo gpg --batch --gen-key {{ gpg_home }}/.gnupg/gen-key-script-{{ rootUser }}"