Verified Commit 7d0cd350 authored by Jelle van der Waa's avatar Jelle van der Waa 🚧
Browse files

archweb: set gpg_whitelist to archweb signed key



ansible 2.9.0 has a new git module feature gpg_whitelist which is an
array of allowed keys. If a tag or commit was signed with a different
key ansible aborts.

Signed-off-by: Jelle van der Waa's avatarJelle van der Waa <jelle@archlinux.org>
parent 5ce84a72
......@@ -9,6 +9,7 @@ archweb_domains_redirects:
archweb_nginx_conf: '/etc/nginx/nginx.d/archweb.conf'
archweb_repository: 'https://github.com/archlinux/archweb.git'
archweb_version: release_2019-10-25
archweb_pgp_key: ['E499C79F53C96A54E572FEE1C06086337C50773E']
archweb_site: true
archweb_mirrorcheck: false
archweb_mirrorresolv: false
......
......@@ -42,6 +42,7 @@
dest="{{ archweb_dir }}"
version={{ archweb_version }}
verify_commit=true
gpg_whitelist={{ archweb_pgp_key }}
become: true
become_user: archweb
register: release
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment