Use session DBus address for iCloud keyring task

ansible/roles/profile_desktop_i3/tasks/main.yml

@@ -96,10 +96,26 @@
   ansible.builtin.set_fact:
     desktop_user_uid: "{{ ansible_facts.getent_passwd[username][1] }}"
 
-- name: Check whether desktop user session bus exists
+- name: Check whether desktop user DBus session address file exists
   ansible.builtin.stat:
-    path: "/run/user/{{ desktop_user_uid }}/bus"
-  register: desktop_user_bus
+    path: "{{ user_home }}/.dbus-session-bus-address"
+  register: desktop_user_bus_address_file
+
+- name: Read desktop user DBus session address
+  ansible.builtin.slurp:
+    src: "{{ user_home }}/.dbus-session-bus-address"
+  register: desktop_user_bus_address_raw
+  when:
+    - (vault_icloud_mail_password | default('')) | length > 0
+    - desktop_user_bus_address_file.stat.exists
+
+- name: Set desktop user DBus session address
+  ansible.builtin.set_fact:
+    desktop_user_bus_address: >-
+      {{ desktop_user_bus_address_raw.content | b64decode | trim }}
+  when:
+    - (vault_icloud_mail_password | default('')) | length > 0
+    - desktop_user_bus_address_file.stat.exists
 
 - name: Check whether GNOME Keyring default collection is available
   ansible.builtin.command:
@@ -113,13 +129,13 @@
   environment:
     HOME: "{{ user_home }}"
     XDG_RUNTIME_DIR: "/run/user/{{ desktop_user_uid }}"
-    DBUS_SESSION_BUS_ADDRESS: "unix:path=/run/user/{{ desktop_user_uid }}/bus"
+    DBUS_SESSION_BUS_ADDRESS: "{{ desktop_user_bus_address }}"
   register: icloud_keyring_default_alias
   failed_when: false
   changed_when: false
   when:
     - (vault_icloud_mail_password | default('')) | length > 0
-    - desktop_user_bus.stat.exists
+    - desktop_user_bus_address | default('') | length > 0
 
 - name: Store iCloud mail password in GNOME Keyring
   ansible.builtin.command:
@@ -131,14 +147,14 @@
   environment:
     HOME: "{{ user_home }}"
     XDG_RUNTIME_DIR: "/run/user/{{ desktop_user_uid }}"
-    DBUS_SESSION_BUS_ADDRESS: "unix:path=/run/user/{{ desktop_user_uid }}/bus"
+    DBUS_SESSION_BUS_ADDRESS: "{{ desktop_user_bus_address }}"
   register: icloud_keyring_store
   failed_when: false
   changed_when: icloud_keyring_store.rc == 0
   no_log: true
   when:
     - (vault_icloud_mail_password | default('')) | length > 0
-    - desktop_user_bus.stat.exists
+    - desktop_user_bus_address | default('') | length > 0
     - icloud_keyring_default_alias.rc | default(1) == 0
     - "\"/\" not in (icloud_keyring_default_alias.stdout | default(''))"
 
@@ -146,8 +162,8 @@
   ansible.builtin.debug:
     msg: >-
       Unable to store iCloud password in GNOME Keyring automatically.
-      {% if not (desktop_user_bus.stat.exists | default(false)) %}
-      No active user session bus was found at /run/user/{{ desktop_user_uid }}/bus.
+      {% if (desktop_user_bus_address | default('')) | length == 0 %}
+      No saved DBus session address was found in {{ user_home }}/.dbus-session-bus-address.
       {% elif icloud_keyring_default_alias.rc | default(1) != 0 %}
       The Secret Service default alias could not be queried for {{ username }}.
       {% elif '"/"' in (icloud_keyring_default_alias.stdout | default('')) %}

dotfiles/desktop/.xinitrc

@@ -3,6 +3,8 @@
 # dbus session
 export XDG_CURRENT_DESKTOP=i3
 exec dbus-run-session sh -c "
+    umask 077
+    printf '%s\n' \"\$DBUS_SESSION_BUS_ADDRESS\" > \"\$HOME/.dbus-session-bus-address\"
     eval \$(ssh-agent -s)
     gpgconf --launch gpg-agent
     exec i3