Browse Source

explicit permissions for APT GPG keys

pull/129/head
Jérémy Lecour 4 months ago
committed by Jérémy Lecour
parent
commit
454d4c6d30
  1. 2
      apt/tasks/evolix_public.yml
  2. 2
      docker-host/tasks/main.yml
  3. 2
      elasticsearch/tasks/packages.yml
  4. 4
      evolinux-base/tasks/hardware.yml
  5. 2
      filebeat/tasks/main.yml
  6. 2
      fluentd/tasks/main.yml
  7. 2
      jenkins/tasks/main.yml
  8. 2
      kibana/tasks/main.yml
  9. 2
      logstash/tasks/main.yml
  10. 4
      lxc-php/tasks/php74.yml
  11. 2
      metricbeat/tasks/main.yml
  12. 2
      mongodb/tasks/main_buster.yml
  13. 2
      newrelic/tasks/sources.yml
  14. 3
      nodejs/tasks/main.yml
  15. 3
      nodejs/tasks/yarn.yml
  16. 2
      percona/tasks/main.yml
  17. 2
      php/tasks/sury_pre.yml
  18. 2
      postgresql/tasks/pgdg-repo.yml

2
apt/tasks/evolix_public.yml

@ -14,6 +14,8 @@
dest: /etc/apt/trusted.gpg.d/reg.asc
force: yes
mode: "0644"
owner: root
group: root
tags:
- apt

2
docker-host/tasks/main.yml

@ -33,6 +33,8 @@
dest: /etc/apt/trusted.gpg.d/docker-debian.asc
force: yes
mode: "0644"
owner: root
group: root
- name: Install docker and python-docker
apt:

2
elasticsearch/tasks/packages.yml

@ -23,6 +23,8 @@
dest: /etc/apt/trusted.gpg.d/elastic.asc
force: yes
mode: "0644"
owner: root
group: root
tags:
- elasticsearch
- packages

4
evolinux-base/tasks/hardware.yml

@ -49,6 +49,8 @@
dest: /etc/apt/trusted.gpg.d/hpePublicKey2048_key1.asc
force: yes
mode: "0644"
owner: root
group: root
- name: Add HPE repository
apt_repository:
@ -114,6 +116,8 @@
dest: /etc/apt/trusted.gpg.d/hwraid.le-vert.net.asc
force: yes
mode: "0644"
owner: root
group: root
when: ansible_distribution_major_version is version('9', '>=')
- name: Add HW tool repository

2
filebeat/tasks/main.yml

@ -23,6 +23,8 @@
dest: /etc/apt/trusted.gpg.d/elastic.asc
force: yes
mode: "0644"
owner: root
group: root
tags:
- filebeat
- packages

2
fluentd/tasks/main.yml

@ -15,6 +15,8 @@
dest: /etc/apt/trusted.gpg.d/fluentd.asc
force: yes
mode: "0644"
owner: root
group: root
tags:
- packages
- fluentd

2
jenkins/tasks/main.yml

@ -17,6 +17,8 @@
dest: /etc/apt/trusted.gpg.d/jenkins.asc
force: yes
mode: "0644"
owner: root
group: root
- name: Add jenkins APT repository
apt_repository:

2
kibana/tasks/main.yml

@ -23,6 +23,8 @@
dest: /etc/apt/trusted.gpg.d/elastic.asc
force: yes
mode: "0644"
owner: root
group: root
tags:
- kibana
- packages

2
logstash/tasks/main.yml

@ -23,6 +23,8 @@
dest: /etc/apt/trusted.gpg.d/elastic.asc
force: yes
mode: "0644"
owner: root
group: root
tags:
- logstash
- packages

4
lxc-php/tasks/php74.yml

@ -21,12 +21,16 @@
src: reg.asc
dest: /var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/trusted.gpg.d/reg.asc
mode: "0644"
owner: root
group: root
- name: copy packages.sury.org GPG Key
copy:
src: sury.gpg
dest: /var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/trusted.gpg.d/sury.gpg
mode: "0644"
owner: root
group: root
- name: "{{ lxc_php_version }} - Update APT cache"
lxc_container:

2
metricbeat/tasks/main.yml

@ -23,6 +23,8 @@
dest: /etc/apt/trusted.gpg.d/elastic.asc
force: yes
mode: "0644"
owner: root
group: root
tags:
- metricbeat
- packages

2
mongodb/tasks/main_buster.yml

@ -12,6 +12,8 @@
dest: /etc/apt/trusted.gpg.d/mongodb-server-4.2.asc
force: yes
mode: "0644"
owner: root
group: root
- name: enable APT sources list
apt_repository:

2
newrelic/tasks/sources.yml

@ -12,6 +12,8 @@
dest: /etc/apt/trusted.gpg.d/newrelic.asc
force: yes
mode: "0644"
owner: root
group: root
- name: Install NewRelic repository
apt_repository:

3
nodejs/tasks/main.yml

@ -23,6 +23,9 @@
copy:
src: nodesource.asc
dest: /etc/apt/trusted.gpg.d/nodesource.asc
mode: "0644"
owner: root
group: root
tags:
- system
- packages

3
nodejs/tasks/yarn.yml

@ -15,6 +15,9 @@
copy:
src: yarnpkg.asc
dest: /etc/apt/trusted.gpg.d/yarnpkg.asc
mode: "0644"
owner: root
group: root
tags:
- system
- packages

2
percona/tasks/main.yml

@ -15,6 +15,8 @@
dest: /etc/apt/trusted.gpg.d/percona.asc
force: yes
mode: "0644"
owner: root
group: root
- name: Check if percona-release is installed
shell: "set -o pipefail && dpkg -l percona-release 2> /dev/null | grep -q -E '^(i|h)i'"

2
php/tasks/sury_pre.yml

@ -5,6 +5,8 @@
url: https://packages.sury.org/php/apt.gpg
dest: /etc/apt/trusted.gpg.d/sury.gpg
mode: "0644"
owner: root
group: root
- name: Setup deb.sury.org repository - Install apt-transport-https
apt:

2
postgresql/tasks/pgdg-repo.yml

@ -25,6 +25,8 @@
dest: /etc/apt/trusted.gpg.d/pgdg.asc
force: yes
mode: "0644"
owner: root
group: root
- name: Update and upgrade apt packages for PGDG repository
apt:

Loading…
Cancel
Save