From 9ce496200793ebfea8f806164ccab56267f07989 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <liw@liw.fi>
Date: Wed, 7 Feb 2024 11:45:01 +0200
Subject: radicle-other-node: install node keys

Signed-off-by: Lars Wirzenius <liw@liw.fi>
Sponsored-by: author
---
 ansible/radicle-other-node.yml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/ansible/radicle-other-node.yml b/ansible/radicle-other-node.yml
index 774fe8c..3904a22 100644
--- a/ansible/radicle-other-node.yml
+++ b/ansible/radicle-other-node.yml
@@ -12,6 +12,30 @@
           - curl
           - git
 
+    - name: "create directory for Radicle keys"
+      file:
+        state: directory
+        path: /home/_rad/.radicle/keys
+        owner: _rad
+        group: _rad
+        mode: 0755
+
+    - name: "install Radicle private key"
+      copy:
+        content: "{{ radicle_key }}"
+        dest: /home/_rad/.radicle/keys/radicle
+        owner: _rad
+        group: _rad
+        mode: 0600
+
+    - name: "install Radicle public key"
+      copy:
+        content: "{{ radicle_pub }}"
+        dest: /home/_rad/.radicle/keys/radicle.pub
+        owner: _rad
+        group: _rad
+        mode: 0644
+
     - name: "install of upgrade Radicle using installer"
       shell: |
         # Can't use "set -o pipefail" here, because shell may not be
@@ -21,6 +45,7 @@
 
         curl -sSf https://radicle.xyz/install > radicle-install
         sudo -u _rad bash radicle-install
+
   vars:
     sane_debian_system_version: 2
     sane_debian_system_hostname: "{{ inventory_hostname }}"
@@ -36,3 +61,6 @@
         comment: Radicle node
 
     sshd_version: 1
+
+    radicle_key: "{{ lookup('pipe', 'pass radicle/radicle-other-node/key') }}"
+    radicle_pub: "{{ lookup('pipe', 'pass radicle/radicle-other-node/key.pub') }}"
-- 
cgit v1.2.1