I copy/expose the following files to the relay:
[ 'ed25519_master_id_public_key', 'ed25519_signing_cert', 'ed25519_signing_secret_key', 'secret_id_key', 'secret_onion_key', 'secret_onion_key_ntor']
When first setting up (new relay) or restoring the relay, yes. But when only renewing the ed25519 medium-term signing key (if ansible-relayor will support this), you only need to copy/expose the following files to the relay:
ed25519_signing_cert, ed25519_signing_secret_key
If you also move secret_onion_key and secret_onion_key_ntor, it could mess up Tor's internal automated key rotation, and the descriptors available to clients might become invalid, making it impossible for clients to extend circuits through this relay. That's why Tor keeps a .old version of these keys when rotating, so clients with older descriptors won't experience circuit failures when using this relay.
To detect this, either the user lets ansible-relayor know whether he is setting up a new relay / restoring a relay or just renewing the ed25519 keys for a running relay, or ansible-relayor reads Tor's $datadirectory/keys folder and, if secret_id_key exists, assumes the latter.
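A small model of the failure described in the comment above, added here as an example (not ansible-relayor or Tor code): the relay honours the current onion key and its .old predecessor, so a client holding a post-rotation descriptor keeps working after Tor's own rotation, but not after a controller copies a stale secret_onion_key back over it. Key values are constructed placeholder strings.

```python
import itertools

_counter = itertools.count(1)


def fresh_key():
    """Stand-in for generating a new onion key (constructed placeholder)."""
    return f"onion-{next(_counter)}"


class Relay:
    """Simplified model: Tor keeps the current onion key and the previous one
    (secret_onion_key.old) so clients with older descriptors can still extend."""

    def __init__(self):
        self.onion_key = fresh_key()
        self.onion_key_old = None

    def rotate(self):
        # Tor's internal rotation: the current key moves to the .old slot.
        self.onion_key_old, self.onion_key = self.onion_key, fresh_key()

    def overwrite_from_backup(self, backup_key):
        # In this model a controller copying a backed-up secret_onion_key over
        # the live one replaces the advertised key without a matching rotation.
        self.onion_key = backup_key

    def descriptor_key(self):
        # The onion key a client learns from the relay's current descriptor.
        return self.onion_key

    def can_extend(self, client_descriptor_key):
        # An EXTEND uses the onion key from the descriptor the client cached;
        # the relay accepts the current key or the .old one.
        return client_descriptor_key in (self.onion_key, self.onion_key_old)


def scenario(overwrite):
    """Return whether a client holding a post-rotation descriptor can still
    extend a circuit. overwrite=True models restoring secret_onion_key from a
    backup taken at setup time after Tor has already rotated on its own."""
    relay = Relay()
    backup = relay.onion_key          # backup copy made at setup time
    relay.rotate()                    # Tor rotates the onion key later
    cached = relay.descriptor_key()   # client fetches the new descriptor
    if overwrite:
        relay.overwrite_from_backup(backup)
    return relay.can_extend(cached)
```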
Thanks for the feedback!
Are secret_onion_* files required at all when restoring a relay? (it doesn't look like it)
If you confirm that, I would simply remove them from the list and never copy them over,
remaining with these files:
ed25519_master_id_public_key, ed25519_signing_cert, ed25519_signing_secret_key, secret_id_key
(Tor's manual page FILES section is not very verbose in that regard, unfortunately.)