From df591d76be13bb90ec82d9d2c5da9cf1d9fcd31e Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Fri, 10 Jul 2020 22:00:08 +0200
Subject: move openwrt keyring file to common location

---
 chaos-at-home/ch-ap.yml                 |   2 ++
 chaos-at-home/ch-router.yml             |   2 ++
 chaos-at-home/mz-ap.yml                 |   2 ++
 chaos-at-home/mz-router.yml             |   2 ++
 dan/ele-ap.yml                          |   2 ++
 dan/ele-dolmetsch-ctl.yml               |   2 ++
 dan/ele-orpheum.yml                     |   2 ++
 dan/ele-router.yml                      |   2 ++
 dan/ele-tub.yml                         |   2 ++
 dan/ele-ups.yml                         |   2 ++
 files/common/keyrings/openwrt.gpg       | Bin 0 -> 10385 bytes
 roles/openwrt/image/openwrt-keyring.gpg | Bin 10385 -> 0 bytes
 roles/openwrt/image/tasks/fetch.yml     |   9 ++++++---
 13 files changed, 26 insertions(+), 3 deletions(-)
 create mode 100644 files/common/keyrings/openwrt.gpg
 delete mode 100644 roles/openwrt/image/openwrt-keyring.gpg

diff --git a/chaos-at-home/ch-ap.yml b/chaos-at-home/ch-ap.yml
index 1d3c8903..5dcb5ea2 100644
--- a/chaos-at-home/ch-ap.yml
+++ b/chaos-at-home/ch-ap.yml
@@ -2,5 +2,7 @@
 - name: Basic Setup
   hosts: chaos-at-home-ap
   connection: local
+  gather_facts: no
+
   roles:
   - role: openwrt/image
diff --git a/chaos-at-home/ch-router.yml b/chaos-at-home/ch-router.yml
index f61feb15..6543ce8c 100644
--- a/chaos-at-home/ch-router.yml
+++ b/chaos-at-home/ch-router.yml
@@ -2,5 +2,7 @@
 - name: Basic Setup
   hosts: ch-router
   connection: local
+  gather_facts: no
+
   roles:
   - role: openwrt/image
diff --git a/chaos-at-home/mz-ap.yml b/chaos-at-home/mz-ap.yml
index ccae1763..869f051d 100644
--- a/chaos-at-home/mz-ap.yml
+++ b/chaos-at-home/mz-ap.yml
@@ -2,5 +2,7 @@
 - name: Basic Setup
   hosts: mz-ap
   connection: local
+  gather_facts: no
+
   roles:
   - role: openwrt/image
diff --git a/chaos-at-home/mz-router.yml b/chaos-at-home/mz-router.yml
index 301da764..94646991 100644
--- a/chaos-at-home/mz-router.yml
+++ b/chaos-at-home/mz-router.yml
@@ -2,6 +2,8 @@
 - name: Basic Setup
   hosts: mz-router
   connection: local
+  gather_facts: no
+
   roles:
   - role: openwrt/image
 
diff --git a/dan/ele-ap.yml b/dan/ele-ap.yml
index 42c00522..1bccdc57 100644
--- a/dan/ele-ap.yml
+++ b/dan/ele-ap.yml
@@ -2,6 +2,8 @@
 - name: Basic Setup
   hosts: ele-ap
   connection: local
+  gather_facts: no
+
   roles:
   - role: openwrt/image
   # post_tasks:
diff --git a/dan/ele-dolmetsch-ctl.yml b/dan/ele-dolmetsch-ctl.yml
index 717def3f..c9d47ea8 100644
--- a/dan/ele-dolmetsch-ctl.yml
+++ b/dan/ele-dolmetsch-ctl.yml
@@ -2,5 +2,7 @@
 - name: Basic Setup
   hosts: ele-dolmetsch-ctl
   connection: local
+  gather_facts: no
+
   roles:
   - role: openwrt/image
diff --git a/dan/ele-orpheum.yml b/dan/ele-orpheum.yml
index 97b77edb..140d4fef 100644
--- a/dan/ele-orpheum.yml
+++ b/dan/ele-orpheum.yml
@@ -2,5 +2,7 @@
 - name: Basic Setup
   hosts: ele-orpheum
   connection: local
+  gather_facts: no
+
   roles:
   - role: openwrt/image
diff --git a/dan/ele-router.yml b/dan/ele-router.yml
index 098b82b3..ebb8f8bd 100644
--- a/dan/ele-router.yml
+++ b/dan/ele-router.yml
@@ -2,5 +2,7 @@
 - name: Basic Setup
   hosts: ele-router
   connection: local
+  gather_facts: no
+
   roles:
   - role: openwrt/image
diff --git a/dan/ele-tub.yml b/dan/ele-tub.yml
index c8bbe912..01668916 100644
--- a/dan/ele-tub.yml
+++ b/dan/ele-tub.yml
@@ -2,5 +2,7 @@
 - name: Basic Setup
   hosts: ele-tub
   connection: local
+  gather_facts: no
+
   roles:
   - role: openwrt/image
diff --git a/dan/ele-ups.yml b/dan/ele-ups.yml
index fa780eaf..de4efce7 100644
--- a/dan/ele-ups.yml
+++ b/dan/ele-ups.yml
@@ -2,6 +2,8 @@
 - name: Basic Setup
   hosts: ele-ups
   connection: local
+  gather_facts: no
+
   roles:
   - role: openwrt/image
   # post_tasks:
diff --git a/files/common/keyrings/openwrt.gpg b/files/common/keyrings/openwrt.gpg
new file mode 100644
index 00000000..7dc3d397
Binary files /dev/null and b/files/common/keyrings/openwrt.gpg differ
diff --git a/roles/openwrt/image/openwrt-keyring.gpg b/roles/openwrt/image/openwrt-keyring.gpg
deleted file mode 100644
index 7dc3d397..00000000
Binary files a/roles/openwrt/image/openwrt-keyring.gpg and /dev/null differ
diff --git a/roles/openwrt/image/tasks/fetch.yml b/roles/openwrt/image/tasks/fetch.yml
index 05d2ad6e..e68e2da5 100644
--- a/roles/openwrt/image/tasks/fetch.yml
+++ b/roles/openwrt/image/tasks/fetch.yml
@@ -22,11 +22,14 @@
 
     - name: Check OpenPGP signature
       command: >-
-        gpg --no-options --no-default-keyring --secret-keyring /dev/null
-             --verify --keyring "{{ role_path }}/openwrt-keyring.gpg"
-             --trust-model always
+        gpg --no-options --trust-model always --no-default-keyring --secret-keyring /dev/null
+             --verify --keyring "{{ global_files_dir }}/common/keyrings/openwrt.gpg"
              "{{ openwrt_download_dir }}/{{ openwrt_tarball_basename }}.sha256.asc"
       changed_when: False
+      register: openwrt_image_gpg_result
+
+    - debug:
+        var: openwrt_image_gpg_result.stderr_lines
 
     - name: Extract SHA256 hash of the imagebuilder archive
       command: grep '{{ openwrt_tarball_name }}' "{{ openwrt_download_dir }}/{{ openwrt_tarball_basename }}.sha256"
-- 
cgit v1.2.3