From f0803cb1b11ac5f4c8bd30d0dea8ceccb7a72602 Mon Sep 17 00:00:00 2001 From: Trygve Laugstøl Date: Wed, 18 Aug 2021 19:25:20 +0200 Subject: apt-repos --- ansible/group_vars/all/apt-repos.yml | 16 ++++++--- ansible/group_vars/workstation/apt-repos.yml | 5 +-- ansible/roles/apt-repos/tasks/main.yml | 13 +++++++ ansible/roles/apt-repos/tasks/repo.yml | 51 +++++++++++----------------- 4 files changed, 48 insertions(+), 37 deletions(-) (limited to 'ansible') diff --git a/ansible/group_vars/all/apt-repos.yml b/ansible/group_vars/all/apt-repos.yml index 0550745..6ec3b6a 100644 --- a/ansible/group_vars/all/apt-repos.yml +++ b/ansible/group_vars/all/apt-repos.yml @@ -15,7 +15,7 @@ apt_repos: openmodelica: url: http://build.openmodelica.org/apt - distro: jessie + distro: "{{ ansible_distribution_release }}" sections: release key_id: D229AF1CE5AED74E5F59DF303A59B53664970947 key_url: http://build.openmodelica.org/apt/openmodelica.asc @@ -31,7 +31,7 @@ apt_repos: docker: url: "[arch=amd64] https://download.docker.com/linux/debian" - distro: stretch + distro: "{{ ansible_distribution_release }}" sections: stable key_id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 key_url: https://download.docker.com/linux/debian/gpg @@ -49,7 +49,7 @@ apt_repos: url: "[arch=amd64] https://repo.skype.com/deb" distro: stable sections: main - key_id: D4040146BE3972509FD57FC71F3045A5DF7587C3 + key_id: 1F3045A5DF7587C3 key_url: https://repo.skype.com/data/SKYPE-GPG-KEY keyserver: hkp://keyserver.ubuntu.com:80 state: "{{ apt_repos_skype_stable_state | default('absent') }}" @@ -121,7 +121,7 @@ apt_repos: slack: url: https://packagecloud.io/slacktechnologies/slack/debian/ - distro: jessie + distro: jessie # "{{ ansible_distribution_release }}" sections: main key_id: C6ABDCF64DB9A0B2 keyserver: hkp://keyserver.ubuntu.com:80 @@ -143,3 +143,11 @@ apt_repos: key_id: EB4C1BFD4F042F6DDDCCEC917721F63BD38B4796 key_url: https://dl.google.com/linux/linux_signing_key.pub state: "{{ apt_repos_dart_state | default('absent') }}" + + balena_etcher: + url: "https://dl.cloudsmith.io/public/balena/etcher/deb/debian" + distro: "{{ ansible_distribution_release }}" + sections: main + key_id: 70528471AFF9A051 + key_url: https://dl.cloudsmith.io/public/balena/etcher/gpg.70528471AFF9A051.key + state: "{{ apt_repos_balena_etcher_state | default('absent') }}" diff --git a/ansible/group_vars/workstation/apt-repos.yml b/ansible/group_vars/workstation/apt-repos.yml index a4d3d34..d9ddc5f 100644 --- a/ansible/group_vars/workstation/apt-repos.yml +++ b/ansible/group_vars/workstation/apt-repos.yml @@ -1,6 +1,7 @@ apt_repos_atom_state: present +apt_repos_balena_etcher_state: present apt_repos_dart_state: present -apt_repos_docker_state: present +apt_repos_docker_state: absent # debian's version is up to date now apt_repos_dropbox_state: present apt_repos_google_cloud_sdk_state: present apt_repos_google_state: present @@ -11,7 +12,7 @@ apt_repos_openmodelica_state: present apt_repos_picoscope_state: present apt_repos_postgresql_state: present apt_repos_signal_state: present -apt_repos_skype_stable_state: present +apt_repos_skype_stable_state: absent apt_repos_skype_unstable_state: absent apt_repos_slack_state: present apt_repos_souffle_state: absent diff --git a/ansible/roles/apt-repos/tasks/main.yml b/ansible/roles/apt-repos/tasks/main.yml index 2789073..96ffd7d 100644 --- a/ansible/roles/apt-repos/tasks/main.yml +++ b/ansible/roles/apt-repos/tasks/main.yml @@ -1,3 +1,16 @@ +- with_dict: "{{ apt_repos if apt_repos is defined else {} }}" + name: apt-key adv --recv-keys + shell: apt-key adv --recv-keys {{ item.value.key_id|default("") }} + become: yes +# debug: +# msg: apt-key adv --recv-keys {{ item.value.key_id|default("") }} + vars: + state: "{{ item.value.state | default('present') }}" + when: + - apt_repos_refresh_keys | default(false) + - item.value.key_id + ignore_errors: true + - with_dict: "{{ apt_repos if apt_repos is defined else {} }}" include_tasks: repo.yml vars: diff --git a/ansible/roles/apt-repos/tasks/repo.yml b/ansible/roles/apt-repos/tasks/repo.yml index a338ce1..2b8719f 100644 --- a/ansible/roles/apt-repos/tasks/repo.yml +++ b/ansible/roles/apt-repos/tasks/repo.yml @@ -1,42 +1,30 @@ -- name: Check if PGP key is installed ({{ item.key }}) - command: "apt-key export {{ item.value.key_id }}" - register: pgp_key - failed_when: no - changed_when: no - -- set_fact: - key_missing: "{{ 'nothing exported' in pgp_key.stderr }}" - -- become: yes - when: key_missing and item.key_url is defined - block: - - name: Download ES PGP key - become: yes - get_url: - url: "{{ item.key_url }}" - dest: /tmp/apt-repo.pgp - when: key_missing +# Keys needs to be refreshed sometimes, so always import them +#- name: Check if PGP key is installed ({{ item.key }}) +# command: "apt-key export {{ item.value.key_id }}" +# register: pgp_key +# failed_when: no +# changed_when: no +# +#- set_fact: +# key_missing: "{{ 'nothing exported' in pgp_key.stderr }}" - - name: Install ES key - become: yes - command: apt-key add /tmp/apt-repo.pgp - when: key_missing - notify: apt update - - - name: rm /tmp/apt-repo.pgp - become: yes - file: - path: /tmp/apt-repo.pgp - state: absent - when: key_missing +- name: "apt-key add {{ item.key }} (url)" + become: yes + apt_key: + id: "{{ item.value.key_id }}" + url: "{{ item.value.key_url }}" + state: "{{ state }}" + when: item.value.key_url is defined + failed_when: no - name: "apt-key add {{ item.key }} (keyserver)" apt_key: id: "{{ item.value.key_id }}" keyserver: "{{ item.value.keyserver }}" state: "{{ state }}" - when: key_missing and item.value.keyserver is defined and item.value.key_id is defined + when: item.value.keyserver is defined and item.value.key_id is defined notify: apt update + failed_when: no - name: "add repo {{ item.key }}" when: item.value.url is defined and state == "present" @@ -47,6 +35,7 @@ content: | deb {{ item.value.url }} {{ item.value.distro }} {{ item.value.sections }} notify: apt update + failed_when: no - name: "remove repo {{ item.key }}" when: state == "absent" -- cgit v1.2.3