common: Added helper scripts support and gpg_import_url_key

roles/common/files/gpg_import_url_key.sh

@@ -0,0 +1,15 @@
+#!/bin/sh
+
+# Usage: <url> <fpr> <keyring>
+
+set -e;
+
+readonly keyfile="$(mktemp --dry-run)";
+
+mkdir --parents ~/.gnupg;
+chmod "u=rwx,g=,o=" ~/.gnupg;
+
+/usr/bin/wget --output-document="$keyfile" -- "$1";
+/usr/bin/gpg2 --dry-run --quiet --import-options import-show --with-colons --import "$keyfile" | awk -F: '$1 == "fpr" { print $10 }' | head --lines=1 | grep --fixed-strings "$2";
+/usr/bin/gpg2 --quiet --no-default-keyring --keyring "$3" --import "$keyfile";
+rm "$keyfile";

roles/common/tasks/helpers.yml

@@ -0,0 +1,19 @@
+---
+
+- name: Create directory for helper scripts
+  file:
+    path: "{{ global_helper_directory }}"
+    state: directory
+    owner: root
+    group: root
+    mode: "u=rwx,g=rx,o=rx"
+
+- name: Upload helper scripts
+  copy:
+    src: "{{ item }}"
+    dest: "{{ global_helper_directory }}/{{ item }}"
+    owner: root
+    group: root
+    mode: "u=rwx,g=rx,o=rx"
+  loop:
+    - gpg_import_url_key.sh

roles/common/tasks/main.yml

@@ -12,6 +12,9 @@
 - name: Configure locales
   include_tasks: locales.yml
 
+- name: Configure helpers
+  include_tasks: helpers.yml
+
 - name: Configure ssh key for root user
   user:
     name: root