evolix/ansible-roles
22
2
Fork 2
Code Issues 61 Pull requests 18 Releases 32 Wiki Activity

Add signed-by option for additional APT sources
All checks were successful
gitea/ansible-roles/pipeline/head This commit looks good
Details

Browse source
This commit is contained in:
Jérémy Lecour 2022-11-02 23:17:08 +01:00 committed by Jérémy Lecour
parent f531460f49
commit 28540247f0
19 changed files with 23 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
CHANGELOG.md
View file

@ -12,7 +12,8 @@ The **patch** part changes is incremented if multiple releases happen the same m
### Added
* Use proper keyrings directory for APT version
* all: Use proper keyrings directory for APT version
* all: Add signed-by option for additional APT sources
* evolinux-base: replace regular kernel by cloud kernel on virtual servers
* nagios-nrpe: check_haproxy_stats supports DRAIN status
* lxc-php: set php-fpm umask to 007

2
apt/templates/evolix_public.list.j2
View file

@ -1,3 +1,3 @@
# {{ ansible_managed }}
deb http://pub.evolix.net/ {{ ansible_distribution_release }}/
deb [signed-by={{ apt_keyring_dir }}/reg.asc] http://pub.evolix.net/ {{ ansible_distribution_release }}/

2
docker-host/tasks/main.yml
View file

@ -27,7 +27,7 @@
- name: Add Docker repository
apt_repository:
repo: 'deb [arch=amd64] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable'
repo: 'deb [arch=amd64 signed-by={{ apt_keyring_dir }}/docker-debian.asc] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable'
state: present
filename: docker.list

2
elasticsearch/tasks/packages.yml
View file

@ -40,7 +40,7 @@
- name: Elastic sources list is available
apt_repository:
repo: "deb https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
repo: "deb [signed-by={{ apt_keyring_dir }}/elastic.asc] https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
filename: elastic
state: present
update_cache: yes

4
evolinux-base/tasks/hardware.yml
View file

@ -91,7 +91,7 @@
- name: Add HPE repository
apt_repository:
repo: 'deb https://downloads.linux.hpe.com/SDR/repo/mcp {{ ansible_distribution_release }}/current non-free'
repo: 'deb [signed-by={{ apt_keyring_dir }}/hpePublicKey2048_key1.asc] https://downloads.linux.hpe.com/SDR/repo/mcp {{ ansible_distribution_release }}/current non-free'
state: present
tags:
- packages
@ -219,7 +219,7 @@
- name: Add HW tool repository
apt_repository:
repo: 'deb http://hwraid.le-vert.net/debian {{ ansible_distribution_release }} main'
repo: 'deb [signed-by={{ apt_keyring_dir }}/hwraid.le-vert.net.asc] http://hwraid.le-vert.net/debian {{ ansible_distribution_release }} main'
state: present
tags:
- packages

2
filebeat/tasks/main.yml
View file

@ -40,7 +40,7 @@
- name: Elastic sources list is available
apt_repository:
repo: "deb https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
repo: "deb [signed-by={{ apt_keyring_dir }}/elastic.asc] https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
filename: elastic
state: present
update_cache: yes

2
jenkins/tasks/main.yml
View file

@ -28,7 +28,7 @@
- name: Add jenkins APT repository
apt_repository:
repo: deb http://pkg.jenkins-ci.org/debian-stable binary/
repo: deb [signed-by={{ apt_keyring_dir }}/jenkins.asc] http://pkg.jenkins-ci.org/debian-stable binary/
filename: jenkins
update_cache: yes

2
kibana/tasks/main.yml
View file

@ -40,7 +40,7 @@
- name: Elastic sources list is available
apt_repository:
repo: "deb https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
repo: "deb [signed-by={{ apt_keyring_dir }}/elastic.asc] https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
filename: elastic
state: present
update_cache: yes

2
logstash/tasks/main.yml
View file

@ -40,7 +40,7 @@
- name: Elastic sources list is available
apt_repository:
repo: "deb https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
repo: "deb [signed-by={{ apt_keyring_dir }}/.asc] https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
filename: elastic
state: present
update_cache: yes

4
lxc-php/tasks/php80.yml
View file

@ -19,8 +19,8 @@
create: yes
mode: "0644"
loop:
- "deb https://packages.sury.org/php/ bullseye main"
- "deb http://pub.evolix.net/ bullseye-php80/"
- "deb [signed-by={{ apt_keyring_dir }}/sury.gpg] https://packages.sury.org/php/ bullseye main"
- "deb [signed-by={{ apt_keyring_dir }}/reg.asc] http://pub.evolix.net/ bullseye-php80/"
- name: copy pub.evolix.net GPG key
copy:

4
lxc-php/tasks/php81.yml
View file

@ -19,8 +19,8 @@
create: yes
mode: "0644"
loop:
- "deb https://packages.sury.org/php/ bullseye main"
- "deb http://pub.evolix.net/ bullseye-php81/"
- "deb [signed-by={{ apt_keyring_dir }}/sury.gpg] https://packages.sury.org/php/ bullseye main"
- "deb [signed-by={{ apt_keyring_dir }}/reg.asc] http://pub.evolix.net/ bullseye-php81/"
- name: copy pub.evolix.net GPG key
copy:

2
metricbeat/tasks/main.yml
View file

@ -40,7 +40,7 @@
- name: Elastic sources list is available
apt_repository:
repo: "deb https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
repo: "deb [signed-by={{ apt_keyring_dir }}/elastic.asc] https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
filename: elastic
state: present
update_cache: yes

2
mongodb/tasks/main_bullseye.yml
View file

@ -29,7 +29,7 @@
- name: enable APT sources list
apt_repository:
repo: "deb http://repo.mongodb.org/apt/debian bullseye/mongodb-org/{{mongodb_version}} main"
repo: "deb [signed-by={{ apt_keyring_dir }}/mongodb-server-{{mongodb_version}}.asc] http://repo.mongodb.org/apt/debian bullseye/mongodb-org/{{mongodb_version}} main"
state: present
filename: "mongodb-org-{{mongodb_version}}"
update_cache: yes

2
mongodb/tasks/main_buster.yml
View file

@ -23,7 +23,7 @@
- name: enable APT sources list
apt_repository:
repo: "deb http://repo.mongodb.org/apt/debian buster/mongodb-org/{{mongodb_version}} main"
repo: "deb [signed-by={{ apt_keyring_dir }}/mongodb-server-{{ mongodb_version }}.asc] http://repo.mongodb.org/apt/debian buster/mongodb-org/{{ mongodb_version }} main"
state: present
filename: "mongodb-org-{{mongodb_version}}"
update_cache: yes

2
newrelic/tasks/sources.yml
View file

@ -23,7 +23,7 @@
- name: Install NewRelic repository
apt_repository:
repo: "deb http://apt.newrelic.com/debian/ newrelic non-free"
repo: "deb [signed-by={{ apt_keyring_dir }}/newrelic.asc] http://apt.newrelic.com/debian/ newrelic non-free"
state: present
filename: newrelic
update_cache: yes

2
nodejs/tasks/main.yml
View file

@ -43,7 +43,7 @@
- name: NodeJS sources list ({{ nodejs_apt_version }}) is available
apt_repository:
repo: "deb https://deb.nodesource.com/{{ nodejs_apt_version }} {{ ansible_distribution_release }} main"
repo: "deb [signed-by={{ apt_keyring_dir }}/nodesource.asc] https://deb.nodesource.com/{{ nodejs_apt_version }} {{ ansible_distribution_release }} main"
filename: nodesource
update_cache: yes
state: present

2
nodejs/tasks/yarn.yml
View file

@ -37,7 +37,7 @@
- name: Yarn sources list is available
apt_repository:
repo: "deb https://dl.yarnpkg.com/debian/ stable main"
repo: "deb [signed-by={{ apt_keyring_dir }}/yarn.asc] https://dl.yarnpkg.com/debian/ stable main"
filename: yarn
update_cache: yes
state: present

2
php/tasks/sury_pre.yml
View file

@ -20,7 +20,7 @@
- name: Setup deb.sury.org repository - Add source list
apt_repository:
repo: "deb https://packages.sury.org/php/ {{ ansible_distribution_release }} main"
repo: "deb [signed-by={{ apt_keyring_dir }}/sury.gpg] https://packages.sury.org/php/ {{ ansible_distribution_release }} main"
filename: sury
state: present

2
postgresql/tasks/pgdg-repo.yml
View file

@ -31,7 +31,7 @@
- name: Add PGDG repository
apt_repository:
repo: "deb http://apt.postgresql.org/pub/repos/apt/ {{ansible_distribution_release}}-pgdg main"
repo: "deb [signed-by={{ apt_keyring_dir }}/postgresql.asc] http://apt.postgresql.org/pub/repos/apt/ {{ansible_distribution_release}}-pgdg main"
update_cache: yes
- name: Add APT preference file