add ssh-agent service

inventory/host_vars/self.yml

@@ -5,3 +5,4 @@ full_name: "{{ first_name }} {{ last_name }}"
 email: pim@kunis.nl
 vscodium_extensions:
   - shd101wyy.markdown-preview-enhanced
+ssh_agent_socket: /tmp/ssh-agent.socket

playbooks/laptop.yml

@@ -9,6 +9,12 @@
       tags: [bash]
     - role: alacritty
       tags: [alacritty]
+    - role: syncthing
+      tags: [syncthing]
+      vars:
+        syncthing_profile: "laptop"
+    - role: keepassxc
+      tags: [keepassxc]
     - role: wireguard
       tags: [wireguard]
     - role: asdf
@@ -21,10 +27,6 @@
       tags: [virtualbox]
     - role: vscodium
       tags: [vscodium]
-    - role: syncthing
-      tags: [syncthing]
-      vars:
-        syncthing_profile: "laptop"
     - role: strawberry
       tags: [strawberry]
     - role: nicotine

playbooks/os3.yml

@@ -9,13 +9,15 @@
       tags: [bash]
     - role: alacritty
       tags: [alacritty]
+    - role: syncthing
+      tags: [syncthing]
+      vars:
+        syncthing_profile: "os3"
+    - role: keepassxc
+      tags: [keepassxc]
     - role: neovim
       tags: [neovim]
     - role: signal
       tags: [signal]
     - role: vscodium
       tags: [vscodium]
-    - role: syncthing
-      tags: [syncthing]
-      vars:
-        syncthing_profile: "os3"

roles/bash/tasks/main.yml

@@ -6,8 +6,8 @@
       - bat
       - fzf
 - name: Install .bashrc
-  copy:
-    src: "{{ role_path }}/files/bashrc"
+  template:
+    src: "{{ role_path }}/templates/bashrc.j2"
     dest: ~/.bashrc
 - name: Install .fzf.bash
   copy:

roles/bash/templates/bashrc.j2

@@ -103,3 +103,5 @@ alias vim='nvim'
 
 # pip scripts
 PATH=$PATH:~/.local/bin
+
+export SSH_AUTH_SOCK="{{ ssh_agent_socket }}"

roles/keepassxc/tasks/main.yml

@@ -0,0 +1,22 @@
+- name: Install Keepassxc
+  become: true
+  apt:
+    name: keepassxc
+- name: Create keepassxc config directory
+  file:
+    path: ~/.config/keepassxc
+    state: directory
+- name: Copy keepassxc.ini
+  copy:
+    src: "{{ role_path }}/files/keepassxc.ini"
+    dest: ~/.config/keepassxc/keepassxc.ini
+- name: Create cache directory
+  file:
+    path:  ~/.cache/keepassxc
+    state: directory
+    recurse: true
+- name: Set SSH_AUTH_SOCK override
+  ini_file:
+    path: ~/.cache/keepassxc/keepassxc.ini
+    section: SSHAgent
+    value: "{{ ssh_agent_socket }}"

roles/system/files/ssh_config

@@ -1,3 +1,5 @@
+AddKeysToAgent  yes
+
 Host brussels
         HostName brussels.studlab.os3.nl
         User pkunis

roles/system/tasks/main.yml

@@ -19,14 +19,6 @@
   template:
     src: "{{ role_path }}/templates/.gitconfig.j2"
     dest: ~/.gitconfig
-- name: Create keepassxc config directory
-  file:
-    path: ~/.config/keepassxc
-    state: directory
-- name: Copy keepassxc.ini
-  copy:
-    src: "{{ role_path }}/files/keepassxc.ini"
-    dest: ~/.config/keepassxc/keepassxc.ini
 - name: Create repos directory
   file:
     path: ~/repos
@@ -57,3 +49,13 @@
     src: "{{ role_path }}/files/ssh_config"
     dest: ~/.ssh/config
     mode: 0600
+- name: Copy systemd ssh-agent service
+  template:
+    src: "{{ role_path }}/templates/ssh-agent.service.j2"
+    dest: /etc/systemd/user/ssh-agent.service
+- name: Enable ssh-agent service
+  systemd:
+    name: ssh-agent
+    enabled: true
+    scope: user
+    state: started

roles/system/templates/ssh-agent.service.j2

@@ -0,0 +1,10 @@
+[Unit]
+Description=SSH key agent
+
+[Service]
+Type=simple
+Environment=SSH_AUTH_SOCK={{ ssh_agent_socket }}
+ExecStart=/usr/bin/ssh-agent -D -a $SSH_AUTH_SOCK
+
+[Install]
+WantedBy=default.target