[x] Ansible: create gpg key pair on the target host
[x] Ansible: send public key over TLS to slack
[x] git-crypt unlock (fail, wait for admin to add public key to repo)
[x] Use git-crypt unlock to access the data (in docker-deploy to access the passwords stored in the repo to create users for samba #18)
Threat: slack messes with public key -> admin checks key fingerprint -> admin NOT adds slacks key -> secrets NOT compromised
Threat: insurant randomness in vm when creating the key -> force libvirt to use /dev/urandom
Threat: slack messes with public key -> admin checks key fingerprint -> admin NOT adds slacks key -> secrets NOT compromised Threat: insurant randomness in vm when creating the key -> force libvirt to use /dev/urandom