ssh-agent

files/pam_env.conf

@@ -0,0 +1 @@
+SSH_AUTH_SOCK DEFAULT="${XDG_RUNTIME_DIR}/openssh_agent"

files/ssh-agent.service.d.install

@@ -0,0 +1,2 @@
+[Install]
+WantedBy=default.target

tasks/main.yaml

@@ -3,13 +3,14 @@
 # user setup
 - import_tasks: root_user
 - import_tasks: fish
+- import_tasks: ssh-agent
 
 # system setup
 - import_tasks: hostname
   when:
     - not ansible_bender is defined
     - not container_type | default('') == 'podman'
-    
+
 - import_tasks: locales
 
 - import_tasks: timezone.yaml

tasks/ssh-agent.yaml

@@ -0,0 +1,28 @@
+---
+
+- name: make ssh-agent user service override directory
+  file:
+    path: /etc/systemd/user/ssh-agent.service.d
+    state: directory
+
+- name: make ssh-agent user service enableable
+  copy:
+    src: ssh-agent.service.d.install
+    dest: /etc/systemd/user/ssh-agent.service.d/install.conf
+
+- name: ensure ssh-agent user service is enabled for all users
+  systemd:
+    enabled: yes
+    scope: global
+    name: ssh-agent.service
+
+- name: ensure gpg-agent user socket is enabled for all users
+  systemd:
+    enabled: yes
+    scope: global
+    name: gpg-agent.socket
+
+- name: pam_env.conf
+  copy:
+    src: pam_env.conf
+    dest: /etc/security/pam_env.conf