apt-repos

author: Trygve Laugstøl <trygvis@inamo.no> 2021-08-18 19:25:20 +0200
committer: Trygve Laugstøl <trygvis@inamo.no> 2021-08-18 19:25:20 +0200
commit: f0803cb1b11ac5f4c8bd30d0dea8ceccb7a72602 (patch)
tree: 4d50f0e501cc6b40624d53334a25787d9988b326 /ansible
parent: 727378b175aadbf2515e112c25b806cab78a0e78 (diff)
download: infra-f0803cb1b11ac5f4c8bd30d0dea8ceccb7a72602.tar.gz
infra-f0803cb1b11ac5f4c8bd30d0dea8ceccb7a72602.tar.bz2
infra-f0803cb1b11ac5f4c8bd30d0dea8ceccb7a72602.tar.xz
infra-f0803cb1b11ac5f4c8bd30d0dea8ceccb7a72602.zip
4 files changed, 48 insertions, 37 deletions
diff --git a/ansible/group_vars/all/apt-repos.yml b/ansible/group_vars/all/apt-repos.yml
index 0550745..6ec3b6a 100644
--- a/ansible/group_vars/all/apt-repos.yml
+++ b/ansible/group_vars/all/apt-repos.yml
@@ -15,7 +15,7 @@ apt_repos:
 
   openmodelica:
     url: http://build.openmodelica.org/apt
-    distro: jessie
+    distro: "{{ ansible_distribution_release }}"
     sections: release
     key_id: D229AF1CE5AED74E5F59DF303A59B53664970947
     key_url: http://build.openmodelica.org/apt/openmodelica.asc
@@ -31,7 +31,7 @@ apt_repos:
 
   docker:
     url: "[arch=amd64] https://download.docker.com/linux/debian"
-    distro: stretch
+    distro: "{{ ansible_distribution_release }}"
     sections: stable
     key_id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
     key_url: https://download.docker.com/linux/debian/gpg
@@ -49,7 +49,7 @@ apt_repos:
     url: "[arch=amd64] https://repo.skype.com/deb"
     distro: stable
     sections: main
-    key_id: D4040146BE3972509FD57FC71F3045A5DF7587C3
+    key_id: 1F3045A5DF7587C3
     key_url: https://repo.skype.com/data/SKYPE-GPG-KEY
     keyserver: hkp://keyserver.ubuntu.com:80
     state: "{{ apt_repos_skype_stable_state | default('absent') }}"
@@ -121,7 +121,7 @@ apt_repos:
 
   slack:
     url: https://packagecloud.io/slacktechnologies/slack/debian/
-    distro: jessie
+    distro: jessie # "{{ ansible_distribution_release }}"
     sections: main
     key_id: C6ABDCF64DB9A0B2
     keyserver: hkp://keyserver.ubuntu.com:80
@@ -143,3 +143,11 @@ apt_repos:
     key_id: EB4C1BFD4F042F6DDDCCEC917721F63BD38B4796
     key_url: https://dl.google.com/linux/linux_signing_key.pub
     state: "{{ apt_repos_dart_state | default('absent') }}"
+
+  balena_etcher:
+    url: "https://dl.cloudsmith.io/public/balena/etcher/deb/debian"
+    distro: "{{ ansible_distribution_release }}"
+    sections: main
+    key_id: 70528471AFF9A051
+    key_url: https://dl.cloudsmith.io/public/balena/etcher/gpg.70528471AFF9A051.key
+    state: "{{ apt_repos_balena_etcher_state | default('absent') }}"
diff --git a/ansible/group_vars/workstation/apt-repos.yml b/ansible/group_vars/workstation/apt-repos.yml
index a4d3d34..d9ddc5f 100644
--- a/ansible/group_vars/workstation/apt-repos.yml
+++ b/ansible/group_vars/workstation/apt-repos.yml
@@ -1,6 +1,7 @@
 apt_repos_atom_state: present
+apt_repos_balena_etcher_state: present
 apt_repos_dart_state: present
-apt_repos_docker_state: present
+apt_repos_docker_state: absent # debian's version is up to date now
 apt_repos_dropbox_state: present
 apt_repos_google_cloud_sdk_state: present
 apt_repos_google_state: present
@@ -11,7 +12,7 @@ apt_repos_openmodelica_state: present
 apt_repos_picoscope_state: present
 apt_repos_postgresql_state: present
 apt_repos_signal_state: present
-apt_repos_skype_stable_state: present
+apt_repos_skype_stable_state: absent
 apt_repos_skype_unstable_state: absent
 apt_repos_slack_state: present
 apt_repos_souffle_state: absent
diff --git a/ansible/roles/apt-repos/tasks/main.yml b/ansible/roles/apt-repos/tasks/main.yml
index 2789073..96ffd7d 100644
--- a/ansible/roles/apt-repos/tasks/main.yml
+++ b/ansible/roles/apt-repos/tasks/main.yml
@@ -1,4 +1,17 @@
 - with_dict: "{{ apt_repos if apt_repos is defined else {} }}"
+  name: apt-key adv --recv-keys
+  shell: apt-key adv --recv-keys {{ item.value.key_id|default("") }}
+  become: yes
+#  debug:
+#    msg: apt-key adv --recv-keys {{ item.value.key_id|default("") }}
+  vars:
+    state: "{{ item.value.state | default('present') }}"
+  when:
+    - apt_repos_refresh_keys | default(false)
+    - item.value.key_id
+  ignore_errors: true
+
+- with_dict: "{{ apt_repos if apt_repos is defined else {} }}"
   include_tasks: repo.yml
   vars:
     state: "{{ item.value.state | default('present') }}"
diff --git a/ansible/roles/apt-repos/tasks/repo.yml b/ansible/roles/apt-repos/tasks/repo.yml
index a338ce1..2b8719f 100644
--- a/ansible/roles/apt-repos/tasks/repo.yml
+++ b/ansible/roles/apt-repos/tasks/repo.yml
@@ -1,42 +1,30 @@
-- name: Check if PGP key is installed ({{ item.key }})
-  command: "apt-key export {{ item.value.key_id }}"
-  register: pgp_key
-  failed_when: no
-  changed_when: no
-
-- set_fact:
-    key_missing: "{{ 'nothing exported' in pgp_key.stderr }}"
-
-- become: yes
-  when: key_missing and item.key_url is defined
-  block:
-    - name: Download ES PGP key
-      become: yes
-      get_url:
-        url: "{{ item.key_url }}"
-        dest: /tmp/apt-repo.pgp
-      when: key_missing
+# Keys needs to be refreshed sometimes, so always import them
+#- name: Check if PGP key is installed ({{ item.key }})
+#  command: "apt-key export {{ item.value.key_id }}"
+#  register: pgp_key
+#  failed_when: no
+#  changed_when: no
+#
+#- set_fact:
+#    key_missing: "{{ 'nothing exported' in pgp_key.stderr }}"
 
-    - name: Install ES key
-      become: yes
-      command: apt-key add /tmp/apt-repo.pgp
-      when: key_missing
-      notify: apt update
-
-    - name: rm /tmp/apt-repo.pgp
-      become: yes
-      file:
-        path: /tmp/apt-repo.pgp
-        state: absent
-      when: key_missing
+- name: "apt-key add {{ item.key }} (url)"
+  become: yes
+  apt_key:
+    id: "{{ item.value.key_id }}"
+    url: "{{ item.value.key_url }}"
+    state: "{{ state }}"
+  when: item.value.key_url is defined
+  failed_when: no
 
 - name: "apt-key add {{ item.key }} (keyserver)"
   apt_key:
     id: "{{ item.value.key_id }}"
     keyserver: "{{ item.value.keyserver }}"
     state: "{{ state }}"
-  when: key_missing and item.value.keyserver is defined and item.value.key_id is defined
+  when: item.value.keyserver is defined and item.value.key_id is defined
   notify: apt update
+  failed_when: no
 
 - name: "add repo {{ item.key }}"
   when: item.value.url is defined and state == "present"
@@ -47,6 +35,7 @@
     content: |
       deb {{ item.value.url }} {{ item.value.distro }} {{ item.value.sections }}
   notify: apt update
+  failed_when: no
 
 - name: "remove repo {{ item.key }}"
   when: state == "absent"
author	Trygve Laugstøl <trygvis@inamo.no>	2021-08-18 19:25:20 +0200
committer	Trygve Laugstøl <trygvis@inamo.no>	2021-08-18 19:25:20 +0200
commit	f0803cb1b11ac5f4c8bd30d0dea8ceccb7a72602 (patch)
tree	4d50f0e501cc6b40624d53334a25787d9988b326 /ansible
parent	727378b175aadbf2515e112c25b806cab78a0e78 (diff)
download	infra-f0803cb1b11ac5f4c8bd30d0dea8ceccb7a72602.tar.gz infra-f0803cb1b11ac5f4c8bd30d0dea8ceccb7a72602.tar.bz2 infra-f0803cb1b11ac5f4c8bd30d0dea8ceccb7a72602.tar.xz infra-f0803cb1b11ac5f4c8bd30d0dea8ceccb7a72602.zip