Install deb822 sources on Debian >=12
This commit is contained in:
parent
f1644ed138
commit
45e8132d07
43 changed files with 518 additions and 541 deletions
|
@ -1,7 +1,7 @@
|
|||
# This role installs the docker daemon
|
||||
---
|
||||
- name: Remove older docker packages
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- docker
|
||||
- docker-engine
|
||||
|
@ -9,21 +9,21 @@
|
|||
state: absent
|
||||
|
||||
- name: Install source requirements
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- ca-certificates
|
||||
- gnupg2
|
||||
state: present
|
||||
|
||||
- name: Install apt-transport-https (Debian <10)
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- apt-transport-https
|
||||
state: present
|
||||
when: ansible_distribution_major_version is version('10', '<')
|
||||
|
||||
- name: Add Docker's official GPG key
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: docker-debian.asc
|
||||
dest: "{{ apt_keyring_dir }}/docker-debian.asc"
|
||||
force: yes
|
||||
|
@ -32,10 +32,11 @@
|
|||
group: root
|
||||
|
||||
- name: Add Docker repository (Debian <12)
|
||||
apt_repository:
|
||||
ansible.builtin.apt_repository:
|
||||
repo: 'deb [signed-by={{ apt_keyring_dir }}/docker-debian.asc] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable'
|
||||
filename: docker.list
|
||||
filename: docker
|
||||
state: present
|
||||
update_cache: yes
|
||||
when: ansible_distribution_major_version is version('12', '<')
|
||||
|
||||
- name: Add Docker repository (Debian >=12)
|
||||
|
@ -43,43 +44,48 @@
|
|||
src: docker.sources.j2
|
||||
dest: /etc/apt/sources.list.d/docker.sources
|
||||
state: present
|
||||
register: docker_sources
|
||||
when: ansible_distribution_major_version is version('12', '>=')
|
||||
|
||||
- name: Update APT cache
|
||||
ansible.builtin.apt:
|
||||
update_cache: yes
|
||||
when: docker_sources is changed
|
||||
|
||||
- name: Install Docker
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- docker-ce
|
||||
- docker-ce-cli
|
||||
- containerd.io
|
||||
update_cache: yes
|
||||
|
||||
- name: python-docker is installed
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name: python-docker
|
||||
state: present
|
||||
when: ansible_python_version is version('3', '<')
|
||||
|
||||
- name: python3-docker is installed
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name: python3-docker
|
||||
state: present
|
||||
when: ansible_python_version is version('3', '>=')
|
||||
|
||||
- name: Copy Docker daemon configuration file
|
||||
template:
|
||||
ansible.builtin.template:
|
||||
src: daemon.json.j2
|
||||
dest: /etc/docker/daemon.json
|
||||
notify: restart docker
|
||||
|
||||
- name: Creating Docker tmp directory
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ docker_tmpdir }}"
|
||||
state: directory
|
||||
mode: "0644"
|
||||
owner: root
|
||||
|
||||
- name: Creating Docker TLS directory
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ docker_tls_path }}"
|
||||
state: directory
|
||||
mode: "0644"
|
||||
|
@ -87,7 +93,7 @@
|
|||
when: docker_tls_enabled | bool
|
||||
|
||||
- name: Copy shellpki utility to Docker TLS directory
|
||||
template:
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}.j2"
|
||||
dest: "{{ docker_tls_path }}/{{ item }}"
|
||||
mode: "0744"
|
||||
|
@ -97,12 +103,13 @@
|
|||
when: docker_tls_enabled | bool
|
||||
|
||||
- name: Check if certs are already created
|
||||
stat:
|
||||
ansible.builtin.stat:
|
||||
path: "{{ docker_tls_path }}/certs"
|
||||
register: tls_certs_stat
|
||||
|
||||
- name: Creating a CA, server key
|
||||
command: "{{ docker_tls_path }}/shellpki.sh init"
|
||||
ansible.builtin.command:
|
||||
cmd: "{{ docker_tls_path }}/shellpki.sh init"
|
||||
when:
|
||||
- docker_tls_enabled | bool
|
||||
- not tls_certs_stat.stat.isdir
|
||||
|
|
36
elasticsearch/tasks/apt_sources.yml
Normal file
36
elasticsearch/tasks/apt_sources.yml
Normal file
|
@ -0,0 +1,36 @@
|
|||
---
|
||||
- name: APT https transport is enabled (Debian <10)
|
||||
ansible.builtin.apt:
|
||||
name: apt-transport-https
|
||||
state: present
|
||||
when: ansible_distribution_major_version is version('10', '<')
|
||||
|
||||
- name: Elastic GPG key is installed
|
||||
ansible.builtin.copy:
|
||||
src: elastic.asc
|
||||
dest: "{{ apt_keyring_dir }}/elastic.asc"
|
||||
force: yes
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Add Elastic repository (Debian <12)
|
||||
ansible.builtin.apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/elastic.asc] https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
||||
filename: elastic
|
||||
state: present
|
||||
update_cache: yes
|
||||
when: ansible_distribution_major_version is version('12', '<')
|
||||
|
||||
- name: Add Elastic repository (Debian >=12)
|
||||
ansible.builtin.template:
|
||||
src: elastic.sources.j2
|
||||
dest: /etc/apt/sources.list.d/elastic.sources
|
||||
state: present
|
||||
register: elastic_sources
|
||||
when: ansible_distribution_major_version is version('12', '>=')
|
||||
|
||||
- name: Update APT cache
|
||||
ansible.builtin.apt:
|
||||
update_cache: yes
|
||||
when: elastic_sources is changed
|
|
@ -1,73 +1,23 @@
|
|||
---
|
||||
|
||||
- name: APT https transport is enabled
|
||||
apt:
|
||||
name: apt-transport-https
|
||||
state: present
|
||||
tags:
|
||||
- elasticsearch
|
||||
- packages
|
||||
|
||||
- name: Look for legacy apt keyring
|
||||
stat:
|
||||
path: /etc/apt/trusted.gpg
|
||||
register: _trusted_gpg_keyring
|
||||
tags:
|
||||
- elasticsearch
|
||||
- packages
|
||||
|
||||
- name: Elastic embedded GPG key is absent
|
||||
apt_key:
|
||||
id: "D88E42B4"
|
||||
keyring: /etc/apt/trusted.gpg
|
||||
state: absent
|
||||
when: _trusted_gpg_keyring.stat.exists
|
||||
tags:
|
||||
- elasticsearch
|
||||
- packages
|
||||
|
||||
- name: Elastic GPG key is installed
|
||||
copy:
|
||||
src: elastic.asc
|
||||
dest: "{{ apt_keyring_dir }}/elastic.asc"
|
||||
force: yes
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
tags:
|
||||
- elasticsearch
|
||||
- packages
|
||||
|
||||
- name: Elastic sources list is available
|
||||
apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/elastic.asc] https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
||||
filename: elastic
|
||||
state: present
|
||||
update_cache: yes
|
||||
tags:
|
||||
- elasticsearch
|
||||
- packages
|
||||
|
||||
- name: Unsigned Elastic sources list is not available
|
||||
apt_repository:
|
||||
repo: "deb https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
||||
filename: elastic
|
||||
state: absent
|
||||
update_cache: yes
|
||||
tags:
|
||||
- elasticsearch
|
||||
- packages
|
||||
- name: APT sources
|
||||
ansible.builtin.import_tasks: apt_sources.yml
|
||||
args:
|
||||
apply:
|
||||
tags:
|
||||
- elasticsearch
|
||||
- packages
|
||||
|
||||
- name: Elasticsearch is installed
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name: elasticsearch
|
||||
state: present
|
||||
update_cache: yes
|
||||
tags:
|
||||
- elasticsearch
|
||||
- packages
|
||||
|
||||
- name: Elasticsearch service is enabled
|
||||
service:
|
||||
ansible.builtin.systemd:
|
||||
name: elasticsearch
|
||||
enabled: yes
|
||||
tags:
|
||||
|
|
8
elasticsearch/templates/elastic.sources.j2
Normal file
8
elasticsearch/templates/elastic.sources.j2
Normal file
|
@ -0,0 +1,8 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
Types: deb
|
||||
URIs: https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt
|
||||
Suites: stable
|
||||
Components: main
|
||||
Signed-by: {{ apt_keyring_dir }}/elastic.asc
|
||||
Enabled: yes
|
|
@ -55,6 +55,7 @@
|
|||
ansible.builtin.apt_repository:
|
||||
repo: 'deb [signed-by={{ apt_keyring_dir }}/hwraid.le-vert.net.asc] http://hwraid.le-vert.net/debian {{ ansible_distribution_release }} main'
|
||||
state: present
|
||||
update_cache: yes
|
||||
tags:
|
||||
- packages
|
||||
when:
|
||||
|
@ -66,8 +67,13 @@
|
|||
dest: /etc/apt/sources.list.d/hwraid.le-vert.net.sources
|
||||
tags:
|
||||
- packages
|
||||
when:
|
||||
- ansible_distribution_major_version is version('12', '>=')
|
||||
register: hwraid_sources
|
||||
when: ansible_distribution_major_version is version('12', '>=')
|
||||
|
||||
- name: Update APT cache
|
||||
apt:
|
||||
update_cache: yes
|
||||
when: hwraid_sources is changed
|
||||
|
||||
- name: Install packages for DELL/LSI hardware
|
||||
ansible.builtin.apt:
|
||||
|
|
36
filebeat/tasks/apt_sources.yml
Normal file
36
filebeat/tasks/apt_sources.yml
Normal file
|
@ -0,0 +1,36 @@
|
|||
---
|
||||
- name: APT https transport is enabled (Debian <10)
|
||||
ansible.builtin.apt:
|
||||
name: apt-transport-https
|
||||
state: present
|
||||
when: ansible_distribution_major_version is version('10', '<')
|
||||
|
||||
- name: Elastic GPG key is installed
|
||||
ansible.builtin.copy:
|
||||
src: elastic.asc
|
||||
dest: "{{ apt_keyring_dir }}/elastic.asc"
|
||||
force: yes
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Add Elastic repository (Debian <12)
|
||||
ansible.builtin.apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/elastic.asc] https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
||||
filename: elastic
|
||||
state: present
|
||||
update_cache: yes
|
||||
when: ansible_distribution_major_version is version('12', '<')
|
||||
|
||||
- name: Add Elastic repository (Debian >=12)
|
||||
ansible.builtin.template:
|
||||
src: elastic.sources.j2
|
||||
dest: /etc/apt/sources.list.d/elastic.sources
|
||||
state: present
|
||||
register: elastic_sources
|
||||
when: ansible_distribution_major_version is version('12', '>=')
|
||||
|
||||
- name: Update APT cache
|
||||
apt:
|
||||
update_cache: yes
|
||||
when: elastic_sources is changed
|
|
@ -1,62 +1,11 @@
|
|||
---
|
||||
|
||||
- name: APT https transport is enabled
|
||||
apt:
|
||||
name: apt-transport-https
|
||||
state: present
|
||||
tags:
|
||||
- filebeat
|
||||
- packages
|
||||
|
||||
- name: Look for legacy apt keyring
|
||||
stat:
|
||||
path: /etc/apt/trusted.gpg
|
||||
register: _trusted_gpg_keyring
|
||||
tags:
|
||||
- filebeat
|
||||
- packages
|
||||
|
||||
- name: Elastic embedded GPG key is absent
|
||||
apt_key:
|
||||
id: "D88E42B4"
|
||||
keyring: /etc/apt/trusted.gpg
|
||||
state: absent
|
||||
when: _trusted_gpg_keyring.stat.exists
|
||||
tags:
|
||||
- filebeat
|
||||
- packages
|
||||
|
||||
- name: Elastic GPG key is installed
|
||||
copy:
|
||||
src: elastic.asc
|
||||
dest: "{{ apt_keyring_dir }}/elastic.asc"
|
||||
force: yes
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
tags:
|
||||
- filebeat
|
||||
- packages
|
||||
|
||||
- name: Elastic sources list is available
|
||||
apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/elastic.asc] https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
||||
filename: elastic
|
||||
state: present
|
||||
update_cache: yes
|
||||
tags:
|
||||
- filebeat
|
||||
- packages
|
||||
|
||||
- name: Unsigned Elastic sources list is not available
|
||||
apt_repository:
|
||||
repo: "deb https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
||||
filename: elastic
|
||||
state: absent
|
||||
update_cache: yes
|
||||
tags:
|
||||
- filebeat
|
||||
- packages
|
||||
- name: APT sources
|
||||
import_tasks: apt_sources.yml
|
||||
args:
|
||||
apply:
|
||||
tags:
|
||||
- filebeat
|
||||
- packages
|
||||
|
||||
- name: Filebeat is installed
|
||||
apt:
|
||||
|
|
8
filebeat/templates/elastic.sources.j2
Normal file
8
filebeat/templates/elastic.sources.j2
Normal file
|
@ -0,0 +1,8 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
Types: deb
|
||||
URIs: https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt
|
||||
Suites: stable
|
||||
Components: main
|
||||
Signed-by: {{ apt_keyring_dir }}/elastic.asc
|
||||
Enabled: yes
|
|
@ -1,27 +1,9 @@
|
|||
---
|
||||
|
||||
- name: Look for legacy apt keyring
|
||||
stat:
|
||||
path: /etc/apt/trusted.gpg
|
||||
register: _trusted_gpg_keyring
|
||||
tags:
|
||||
- packages
|
||||
- fluentd
|
||||
|
||||
- name: Fluentd embedded GPG key is absent
|
||||
apt_key:
|
||||
id: "AB97ACBE"
|
||||
keyring: /etc/apt/trusted.gpg
|
||||
state: absent
|
||||
when: _trusted_gpg_keyring.stat.exists
|
||||
tags:
|
||||
- packages
|
||||
- fluentd
|
||||
|
||||
- name: Add Fluentd GPG key
|
||||
copy:
|
||||
src: fluentd.asc
|
||||
dest: "{{ apt_keyring_dir }}/fluentd.asc"
|
||||
src: treasuredata.asc
|
||||
dest: "{{ apt_keyring_dir }}/treasuredata.asc"
|
||||
force: yes
|
||||
mode: "0644"
|
||||
owner: root
|
||||
|
@ -30,30 +12,31 @@
|
|||
- packages
|
||||
- fluentd
|
||||
|
||||
- name: Fluentd sources list is available
|
||||
- name: Add Treasuredata repository (Debian <12)
|
||||
apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/fluentd.asc] http://packages.treasuredata.com/3/debian/{{ ansible_distribution_release }}/ {{ ansible_distribution_release }} contrib"
|
||||
filename: treasuredata
|
||||
update_cache: yes
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/treasuredata.asc] http://packages.treasuredata.com/3/debian/{{ ansible_distribution_release }}/ {{ ansible_distribution_release }} contrib"
|
||||
filename: treasuredata.list
|
||||
state: present
|
||||
tags:
|
||||
- packages
|
||||
- fluentd
|
||||
when: ansible_distribution_major_version is version('12', '<')
|
||||
|
||||
- name: Unsigned Fluentd sources list is not available
|
||||
apt_repository:
|
||||
repo: "deb http://packages.treasuredata.com/3/debian/{{ ansible_distribution_release }}/ {{ ansible_distribution_release }} contrib"
|
||||
filename: treasuredata
|
||||
update_cache: yes
|
||||
state: absent
|
||||
- name: Add Treasuredata repository (Debian >=12)
|
||||
ansible.builtin.template:
|
||||
src: treasuredata.sources.j2
|
||||
dest: /etc/apt/sources.list.d/treasuredata.sources
|
||||
state: present
|
||||
tags:
|
||||
- packages
|
||||
- fluentd
|
||||
when: ansible_distribution_major_version is version('12', '>=')
|
||||
|
||||
- name: Fluentd is installed.
|
||||
apt:
|
||||
name: td-agent
|
||||
state: present
|
||||
update_cache: yes
|
||||
tags:
|
||||
- fluentd
|
||||
- packages
|
||||
|
|
8
fluentd/templates/treasuredata.sources.j2
Normal file
8
fluentd/templates/treasuredata.sources.j2
Normal file
|
@ -0,0 +1,8 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
Types: deb
|
||||
URIs: http://packages.treasuredata.com/3/debian/{{ ansible_distribution_release }}/
|
||||
Suites: {{ ansible_distribution_release }}
|
||||
Components: contrib
|
||||
Signed-by: {{ apt_keyring_dir }}/treasuredata.asc
|
||||
Enabled: yes
|
|
@ -5,18 +5,6 @@
|
|||
# http://mirrors.jenkins.io/.*
|
||||
# http://jenkins.mirror.isppower.de/.*
|
||||
|
||||
- name: Look for legacy apt keyring
|
||||
stat:
|
||||
path: /etc/apt/trusted.gpg
|
||||
register: _trusted_gpg_keyring
|
||||
|
||||
- name: Jenkins embedded GPG key is absent
|
||||
apt_key:
|
||||
id: "D50582E6"
|
||||
keyring: /etc/apt/trusted.gpg
|
||||
state: absent
|
||||
when: _trusted_gpg_keyring.stat.exists
|
||||
|
||||
- name: Add Jenkins GPG key
|
||||
copy:
|
||||
src: jenkins.asc
|
||||
|
@ -26,22 +14,30 @@
|
|||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Add jenkins APT repository
|
||||
- name: Add Jenkins APT repository (Debian <12)
|
||||
apt_repository:
|
||||
repo: deb [signed-by={{ apt_keyring_dir }}/jenkins.asc] http://pkg.jenkins-ci.org/debian-stable binary/
|
||||
filename: jenkins
|
||||
update_cache: yes
|
||||
when: ansible_distribution_major_version is version('12', '<')
|
||||
|
||||
- name: Remove unsigned jenkins APT repository
|
||||
apt_repository:
|
||||
repo: deb http://pkg.jenkins-ci.org/debian-stable binary/
|
||||
filename: jenkins
|
||||
- name: Add Jenkins repository (Debian >=12)
|
||||
ansible.builtin.template:
|
||||
src: jenkins.sources.j2
|
||||
dest: /etc/apt/sources.list.d/jenkins.sources
|
||||
state: present
|
||||
register: jenkins_sources
|
||||
when: ansible_distribution_major_version is version('12', '>=')
|
||||
|
||||
- name: Update APT cache
|
||||
apt:
|
||||
update_cache: yes
|
||||
state: absent
|
||||
when: jenkins_sources is changed
|
||||
|
||||
- name: Install Jenkins
|
||||
apt:
|
||||
name: jenkins
|
||||
state: present
|
||||
|
||||
- name: Change Jenkins port
|
||||
replace:
|
||||
|
|
7
jenkins/templates/jenkins.sources.j2
Normal file
7
jenkins/templates/jenkins.sources.j2
Normal file
|
@ -0,0 +1,7 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
Types: deb
|
||||
URIs: http://pkg.jenkins-ci.org/debian-stable
|
||||
Suites: binary/
|
||||
Signed-by: {{ apt_keyring_dir }}/jenkins.asc
|
||||
Enabled: yes
|
36
kibana/tasks/apt_sources.yml
Normal file
36
kibana/tasks/apt_sources.yml
Normal file
|
@ -0,0 +1,36 @@
|
|||
---
|
||||
- name: APT https transport is enabled (Debian <10)
|
||||
ansible.builtin.apt:
|
||||
name: apt-transport-https
|
||||
state: present
|
||||
when: ansible_distribution_major_version is version('10', '<')
|
||||
|
||||
- name: Elastic GPG key is installed
|
||||
ansible.builtin.copy:
|
||||
src: elastic.asc
|
||||
dest: "{{ apt_keyring_dir }}/elastic.asc"
|
||||
force: yes
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Add Elastic repository (Debian <12)
|
||||
ansible.builtin.apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/elastic.asc] https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
||||
filename: elastic
|
||||
state: present
|
||||
update_cache: yes
|
||||
when: ansible_distribution_major_version is version('12', '<')
|
||||
|
||||
- name: Add Elastic repository (Debian >=12)
|
||||
ansible.builtin.template:
|
||||
src: elastic.sources.j2
|
||||
dest: /etc/apt/sources.list.d/elastic.sources
|
||||
state: present
|
||||
register: elastic_sources
|
||||
when: ansible_distribution_major_version is version('12', '>=')
|
||||
|
||||
- name: Update APT cache
|
||||
apt:
|
||||
update_cache: yes
|
||||
when: elastic_sources is changed
|
|
@ -1,67 +1,17 @@
|
|||
---
|
||||
|
||||
- name: APT https transport is enabled
|
||||
apt:
|
||||
name: apt-transport-https
|
||||
state: present
|
||||
tags:
|
||||
- kibana
|
||||
- packages
|
||||
|
||||
- name: Look for legacy apt keyring
|
||||
stat:
|
||||
path: /etc/apt/trusted.gpg
|
||||
register: _trusted_gpg_keyring
|
||||
tags:
|
||||
- kibana
|
||||
- packages
|
||||
|
||||
- name: Elastic embedded GPG key is absent
|
||||
apt_key:
|
||||
id: "D88E42B4"
|
||||
keyring: /etc/apt/trusted.gpg
|
||||
state: absent
|
||||
when: _trusted_gpg_keyring.stat.exists
|
||||
tags:
|
||||
- kibana
|
||||
- packages
|
||||
|
||||
- name: Elastic GPG key is installed
|
||||
copy:
|
||||
src: elastic.asc
|
||||
dest: "{{ apt_keyring_dir }}/elastic.asc"
|
||||
force: yes
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
tags:
|
||||
- kibana
|
||||
- packages
|
||||
|
||||
- name: Elastic sources list is available
|
||||
apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/elastic.asc] https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
||||
filename: elastic
|
||||
state: present
|
||||
update_cache: yes
|
||||
tags:
|
||||
- kibana
|
||||
- packages
|
||||
|
||||
- name: Unsigned Elastic sources list is not available
|
||||
apt_repository:
|
||||
repo: "deb https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
||||
filename: elastic
|
||||
state: absent
|
||||
update_cache: yes
|
||||
tags:
|
||||
- kibana
|
||||
- packages
|
||||
- name: APT sources
|
||||
import_tasks: apt_sources.yml
|
||||
args:
|
||||
apply:
|
||||
tags:
|
||||
- kibana
|
||||
- packages
|
||||
|
||||
- name: Kibana is installed
|
||||
apt:
|
||||
name: kibana
|
||||
state: present
|
||||
update_cache: yes
|
||||
tags:
|
||||
- kibana
|
||||
- packages
|
||||
|
|
8
kibana/templates/elastic.sources.j2
Normal file
8
kibana/templates/elastic.sources.j2
Normal file
|
@ -0,0 +1,8 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
Types: deb
|
||||
URIs: https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt
|
||||
Suites: stable
|
||||
Components: main
|
||||
Signed-by: {{ apt_keyring_dir }}/elastic.asc
|
||||
Enabled: yes
|
36
logstash/tasks/apt_sources.yml
Normal file
36
logstash/tasks/apt_sources.yml
Normal file
|
@ -0,0 +1,36 @@
|
|||
---
|
||||
- name: APT https transport is enabled (Debian <10)
|
||||
ansible.builtin.apt:
|
||||
name: apt-transport-https
|
||||
state: present
|
||||
when: ansible_distribution_major_version is version('10', '<')
|
||||
|
||||
- name: Elastic GPG key is installed
|
||||
ansible.builtin.copy:
|
||||
src: elastic.asc
|
||||
dest: "{{ apt_keyring_dir }}/elastic.asc"
|
||||
force: yes
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Add Elastic repository (Debian <12)
|
||||
ansible.builtin.apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/elastic.asc] https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
||||
filename: elastic
|
||||
state: present
|
||||
update_cache: yes
|
||||
when: ansible_distribution_major_version is version('12', '<')
|
||||
|
||||
- name: Add Elastic repository (Debian >=12)
|
||||
ansible.builtin.template:
|
||||
src: elastic.sources.j2
|
||||
dest: /etc/apt/sources.list.d/elastic.sources
|
||||
state: present
|
||||
register: elastic_sources
|
||||
when: ansible_distribution_major_version is version('12', '>=')
|
||||
|
||||
- name: Update APT cache
|
||||
apt:
|
||||
update_cache: yes
|
||||
when: elastic_sources is changed
|
|
@ -1,62 +1,11 @@
|
|||
---
|
||||
|
||||
- name: APT https transport is enabled
|
||||
apt:
|
||||
name: apt-transport-https
|
||||
state: present
|
||||
tags:
|
||||
- logstash
|
||||
- packages
|
||||
|
||||
- name: Look for legacy apt keyring
|
||||
stat:
|
||||
path: /etc/apt/trusted.gpg
|
||||
register: _trusted_gpg_keyring
|
||||
tags:
|
||||
- logstash
|
||||
- packages
|
||||
|
||||
- name: Elastic embedded GPG key is absent
|
||||
apt_key:
|
||||
id: "D88E42B4"
|
||||
keyring: /etc/apt/trusted.gpg
|
||||
state: absent
|
||||
when: _trusted_gpg_keyring.stat.exists
|
||||
tags:
|
||||
- logstash
|
||||
- packages
|
||||
|
||||
- name: Elastic GPG key is installed
|
||||
copy:
|
||||
src: elastic.asc
|
||||
dest: "{{ apt_keyring_dir }}/elastic.asc"
|
||||
force: yes
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
tags:
|
||||
- logstash
|
||||
- packages
|
||||
|
||||
- name: Elastic sources list is available
|
||||
apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/elastic.asc] https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
||||
filename: elastic
|
||||
state: present
|
||||
update_cache: yes
|
||||
tags:
|
||||
- logstash
|
||||
- packages
|
||||
|
||||
- name: Unsigned Elastic sources list is not available
|
||||
apt_repository:
|
||||
repo: "deb https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
||||
filename: elastic
|
||||
state: absent
|
||||
update_cache: yes
|
||||
tags:
|
||||
- logstash
|
||||
- packages
|
||||
- name: APT sources
|
||||
import_tasks: apt_sources.yml
|
||||
args:
|
||||
apply:
|
||||
tags:
|
||||
- logstash
|
||||
- packages
|
||||
|
||||
- name: Logstash is installed
|
||||
apt:
|
||||
|
|
8
logstash/templates/elastic.sources.j2
Normal file
8
logstash/templates/elastic.sources.j2
Normal file
|
@ -0,0 +1,8 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
Types: deb
|
||||
URIs: https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt
|
||||
Suites: stable
|
||||
Components: main
|
||||
Signed-by: {{ apt_keyring_dir }}/elastic.asc
|
||||
Enabled: yes
|
36
metricbeat/tasks/apt_sources.yml
Normal file
36
metricbeat/tasks/apt_sources.yml
Normal file
|
@ -0,0 +1,36 @@
|
|||
---
|
||||
- name: APT https transport is enabled (Debian <10)
|
||||
ansible.builtin.apt:
|
||||
name: apt-transport-https
|
||||
state: present
|
||||
when: ansible_distribution_major_version is version('10', '<')
|
||||
|
||||
- name: Elastic GPG key is installed
|
||||
ansible.builtin.copy:
|
||||
src: elastic.asc
|
||||
dest: "{{ apt_keyring_dir }}/elastic.asc"
|
||||
force: yes
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Add Elastic repository (Debian <12)
|
||||
ansible.builtin.apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/elastic.asc] https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
||||
filename: elastic
|
||||
state: present
|
||||
update_cache: yes
|
||||
when: ansible_distribution_major_version is version('12', '<')
|
||||
|
||||
- name: Add Elastic repository (Debian >=12)
|
||||
ansible.builtin.template:
|
||||
src: elastic.sources.j2
|
||||
dest: /etc/apt/sources.list.d/elastic.sources
|
||||
state: present
|
||||
register: elastic_sources
|
||||
when: ansible_distribution_major_version is version('12', '>=')
|
||||
|
||||
- name: Update APT cache
|
||||
apt:
|
||||
update_cache: yes
|
||||
when: elastic_sources is changed
|
|
@ -1,62 +1,11 @@
|
|||
---
|
||||
|
||||
- name: APT https transport is enabled
|
||||
apt:
|
||||
name: apt-transport-https
|
||||
state: present
|
||||
tags:
|
||||
- metricbeat
|
||||
- packages
|
||||
|
||||
- name: Look for legacy apt keyring
|
||||
stat:
|
||||
path: /etc/apt/trusted.gpg
|
||||
register: _trusted_gpg_keyring
|
||||
tags:
|
||||
- metricbeat
|
||||
- packages
|
||||
|
||||
- name: Elastic embedded GPG key is absent
|
||||
apt_key:
|
||||
id: "D88E42B4"
|
||||
keyring: /etc/apt/trusted.gpg
|
||||
state: absent
|
||||
when: _trusted_gpg_keyring.stat.exists
|
||||
tags:
|
||||
- metricbeat
|
||||
- packages
|
||||
|
||||
- name: Elastic GPG key is installed
|
||||
copy:
|
||||
src: elastic.asc
|
||||
dest: "{{ apt_keyring_dir }}/elastic.asc"
|
||||
force: yes
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
tags:
|
||||
- metricbeat
|
||||
- packages
|
||||
|
||||
- name: Elastic sources list is available
|
||||
apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/elastic.asc] https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
||||
filename: elastic
|
||||
state: present
|
||||
update_cache: yes
|
||||
tags:
|
||||
- metricbeat
|
||||
- packages
|
||||
|
||||
- name: Elastic sources list is available
|
||||
apt_repository:
|
||||
repo: "deb https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
||||
filename: elastic
|
||||
state: absent
|
||||
update_cache: yes
|
||||
tags:
|
||||
- metricbeat
|
||||
- packages
|
||||
- name: APT sources
|
||||
import_tasks: apt_sources.yml
|
||||
args:
|
||||
apply:
|
||||
tags:
|
||||
- metricbeat
|
||||
- packages
|
||||
|
||||
- name: Metricbeat is installed
|
||||
apt:
|
||||
|
|
8
metricbeat/templates/elastic.sources.j2
Normal file
8
metricbeat/templates/elastic.sources.j2
Normal file
|
@ -0,0 +1,8 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
Types: deb
|
||||
URIs: https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt
|
||||
Suites: stable
|
||||
Components: main
|
||||
Signed-by: {{ apt_keyring_dir }}/elastic.asc
|
||||
Enabled: yes
|
|
@ -1,13 +1,14 @@
|
|||
---
|
||||
|
||||
- include: main_jessie.yml
|
||||
- ansible.builtin.import_tasks: main_jessie.yml
|
||||
when: ansible_distribution_release == "jessie"
|
||||
|
||||
- include: main_stretch.yml
|
||||
- ansible.builtin.import_tasks: main_stretch.yml
|
||||
when: ansible_distribution_release == "stretch"
|
||||
|
||||
- include: main_buster.yml
|
||||
- ansible.builtin.import_tasks: main_buster.yml
|
||||
when: ansible_distribution_release == "buster"
|
||||
|
||||
- include: main_bullseye.yml
|
||||
when: ansible_distribution_major_version is version('11', '>=')
|
||||
- ansible.builtin.import_tasks: main_bullseye.yml
|
||||
when: ansible_distribution_release == "bullseye"
|
||||
|
||||
|
|
|
@ -1,22 +1,10 @@
|
|||
---
|
||||
|
||||
- fail:
|
||||
msg: Not compatible with Debian 11 (Bullseye)
|
||||
msg: MongoDB versions <4.2 are not compatible with Debian 11 (Bullseye)
|
||||
when:
|
||||
- ansible_distribution_release == "bullseye"
|
||||
- mongodb_version is version('5.0', '<')
|
||||
|
||||
- name: Look for legacy apt keyring
|
||||
stat:
|
||||
path: /etc/apt/trusted.gpg
|
||||
register: _trusted_gpg_keyring
|
||||
|
||||
- name: MongoDB embedded GPG key is absent
|
||||
apt_key:
|
||||
id: "B8612B5D"
|
||||
keyring: /etc/apt/trusted.gpg
|
||||
state: absent
|
||||
when: _trusted_gpg_keyring.stat.exists
|
||||
- mongodb_version is version('5.2', '<')
|
||||
|
||||
- name: Add MongoDB GPG key
|
||||
copy:
|
||||
|
@ -27,19 +15,11 @@
|
|||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Enable APT sources list
|
||||
- name: Add MongoDB repository
|
||||
apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/mongodb-server-{{ mongodb_version }}.asc] http://repo.mongodb.org/apt/debian bullseye/mongodb-org/{{ mongodb_version }} main"
|
||||
state: present
|
||||
filename: "mongodb-org-{{ mongodb_version }}"
|
||||
update_cache: yes
|
||||
|
||||
- name: Disable unsigned APT sources list
|
||||
apt_repository:
|
||||
repo: "deb http://repo.mongodb.org/apt/debian bullseye/mongodb-org/{{ mongodb_version }} main"
|
||||
state: absent
|
||||
filename: "mongodb-org-{{ mongodb_version }}"
|
||||
update_cache: yes
|
||||
|
||||
- name: Install packages
|
||||
apt:
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
|
||||
- name: Pre-seed package configuration with app name
|
||||
debconf:
|
||||
ansible.builtin.debconf:
|
||||
name: newrelic-php5
|
||||
question: "newrelic-php5/application-name"
|
||||
value: "{{ newrelic_appname }}"
|
||||
|
@ -9,7 +9,7 @@
|
|||
when: newrelic_appname | length > 0
|
||||
|
||||
- name: Pre-seed package configuration with license
|
||||
debconf:
|
||||
ansible.builtin.debconf:
|
||||
name: newrelic-php5
|
||||
question: "newrelic-php5/license-key"
|
||||
value: "{{ newrelic_license }}"
|
||||
|
@ -17,26 +17,27 @@
|
|||
when: newrelic_license | length > 0
|
||||
|
||||
- name: list newrelic config files
|
||||
shell: "find /etc/php* -type f -name newrelic.ini"
|
||||
ansible.builtin.shell:
|
||||
cmd: "find /etc/php* -type f -name newrelic.ini"
|
||||
changed_when: False
|
||||
check_mode: no
|
||||
register: find_newrelic_ini
|
||||
|
||||
- name: Disable AWS detection
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
dest: "{{ item }}"
|
||||
regexp: '^;?newrelic.daemon.utilization.detect_aws'
|
||||
line: 'newrelic.daemon.utilization.detect_aws = false'
|
||||
loop: "{{ find_newrelic_ini.stdout_lines }}"
|
||||
|
||||
- name: Disable Docker detection
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
dest: "{{ item }}"
|
||||
regexp: '^;?newrelic.daemon.utilization.detect_docker'
|
||||
line: 'newrelic.daemon.utilization.detect_docker = false'
|
||||
loop: "{{ find_newrelic_ini.stdout_lines }}"
|
||||
|
||||
- name: Install package for PHP
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name: newrelic-php5
|
||||
state: present
|
||||
|
|
|
@ -1,19 +1,7 @@
|
|||
---
|
||||
|
||||
- name: Look for legacy apt keyring
|
||||
stat:
|
||||
path: /etc/apt/trusted.gpg
|
||||
register: _trusted_gpg_keyring
|
||||
|
||||
- name: NewRelic embedded GPG key is absent
|
||||
apt_key:
|
||||
id: "548C16BF"
|
||||
keyring: /etc/apt/trusted.gpg
|
||||
state: absent
|
||||
when: _trusted_gpg_keyring.stat.exists
|
||||
|
||||
- name: Add NewRelic GPG key
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: newrelic.asc
|
||||
dest: "{{ apt_keyring_dir }}/newrelic.asc"
|
||||
force: yes
|
||||
|
@ -21,16 +9,23 @@
|
|||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Install NewRelic repository
|
||||
apt_repository:
|
||||
- name: Install NewRelic repository (Debian <12)
|
||||
ansible.builtin.apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/newrelic.asc] http://apt.newrelic.com/debian/ newrelic non-free"
|
||||
state: present
|
||||
filename: newrelic
|
||||
update_cache: yes
|
||||
when: ansible_distribution_major_version is version('12', '<')
|
||||
|
||||
- name: Desinstall unsigned NewRelic repository
|
||||
apt_repository:
|
||||
repo: "deb http://apt.newrelic.com/debian/ newrelic non-free"
|
||||
state: absent
|
||||
filename: newrelic
|
||||
- name: Add NewRelic repository (Debian >=12)
|
||||
ansible.builtin.template:
|
||||
src: newrelic.sources.j2
|
||||
dest: /etc/apt/sources.list.d/newrelic.sources
|
||||
state: present
|
||||
register: newrelic_sources
|
||||
when: ansible_distribution_major_version is version('12', '>=')
|
||||
|
||||
- name: Update APT cache
|
||||
ansible.builtin.apt:
|
||||
update_cache: yes
|
||||
when: newrelic_sources is changed
|
|
@ -1,11 +1,11 @@
|
|||
---
|
||||
|
||||
- name: Install system monitor daemon
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name: newrelic-sysmond
|
||||
|
||||
- name: Set license key for newrelic-sysmond
|
||||
replace:
|
||||
ansible.builtin.replace:
|
||||
dest: /etc/newrelic/nrsysmond.cfg
|
||||
regexp: "license_key=REPLACE_WITH_REAL_KEY"
|
||||
replace: "license_key={{ newrelic_license }}"
|
||||
|
|
8
newrelic/templates/newrelic.sources.j2
Normal file
8
newrelic/templates/newrelic.sources.j2
Normal file
|
@ -0,0 +1,8 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
Types: deb
|
||||
URIs: http://apt.newrelic.com/debian/
|
||||
Suites: newrelic
|
||||
Components: non-free
|
||||
Signed-by: {{ apt_keyring_dir }}/newrelic.asc
|
||||
Enabled: yes
|
|
@ -1,36 +1,17 @@
|
|||
---
|
||||
|
||||
- name: APT https transport is enabled
|
||||
apt:
|
||||
- name: APT https transport is enabled (Debian <10)
|
||||
ansible.builtin.apt:
|
||||
name: apt-transport-https
|
||||
state: present
|
||||
tags:
|
||||
- system
|
||||
- packages
|
||||
- nodejs
|
||||
|
||||
- name: Look for legacy apt keyring
|
||||
stat:
|
||||
path: /etc/apt/trusted.gpg
|
||||
register: _trusted_gpg_keyring
|
||||
tags:
|
||||
- system
|
||||
- packages
|
||||
- nodejs
|
||||
|
||||
- name: NodeJS embedded GPG key is absent
|
||||
apt_key:
|
||||
id: "68576280"
|
||||
keyring: /etc/apt/trusted.gpg
|
||||
state: absent
|
||||
when: _trusted_gpg_keyring.stat.exists
|
||||
tags:
|
||||
- system
|
||||
- packages
|
||||
- nodejs
|
||||
when: ansible_distribution_major_version is version('10', '<')
|
||||
|
||||
- name: NodeJS GPG key is installed
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: nodesource.asc
|
||||
dest: "{{ apt_keyring_dir }}/nodesource.asc"
|
||||
mode: "0644"
|
||||
|
@ -41,8 +22,8 @@
|
|||
- packages
|
||||
- nodejs
|
||||
|
||||
- name: NodeJS sources list ({{ nodejs_apt_version }}) is available
|
||||
apt_repository:
|
||||
- name: Add NodeJS repository (Debian <12)
|
||||
ansible.builtin.apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/nodesource.asc] https://deb.nodesource.com/{{ nodejs_apt_version }} {{ ansible_distribution_release }} main"
|
||||
filename: nodesource
|
||||
update_cache: yes
|
||||
|
@ -51,26 +32,32 @@
|
|||
- system
|
||||
- packages
|
||||
- nodejs
|
||||
when: ansible_distribution_major_version is version('12', '<')
|
||||
|
||||
- name: Unsigned NodeJS sources list ({{ nodejs_apt_version }}) is not available
|
||||
apt_repository:
|
||||
repo: "deb https://deb.nodesource.com/{{ nodejs_apt_version }} {{ ansible_distribution_release }} main"
|
||||
filename: nodesource
|
||||
update_cache: yes
|
||||
state: absent
|
||||
- name: Add NodeJS repository (Debian >=12)
|
||||
ansible.builtin.template:
|
||||
src: nodesource.sources.j2
|
||||
dest: /etc/apt/sources.list.d/nodesource.sources
|
||||
state: present
|
||||
register: nodesource_sources
|
||||
tags:
|
||||
- system
|
||||
- packages
|
||||
- nodejs
|
||||
when: ansible_distribution_major_version is version('12', '>=')
|
||||
|
||||
- name: Update APT cache
|
||||
ansible.builtin.apt:
|
||||
update_cache: yes
|
||||
when: nodesource_sources is changed
|
||||
|
||||
- name: NodeJS is installed
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name: nodejs
|
||||
state: present
|
||||
update_cache: yes
|
||||
tags:
|
||||
- packages
|
||||
- nodejs
|
||||
|
||||
- include: yarn.yml
|
||||
- ansible.builtin.import_tasks: yarn.yml
|
||||
when: nodejs_install_yarn | bool
|
||||
|
|
|
@ -1,29 +1,7 @@
|
|||
---
|
||||
|
||||
- name: Look for legacy apt keyring
|
||||
stat:
|
||||
path: /etc/apt/trusted.gpg
|
||||
register: _trusted_gpg_keyring
|
||||
tags:
|
||||
- system
|
||||
- packages
|
||||
- nodejs
|
||||
- yarn
|
||||
|
||||
- name: Yarn embedded GPG key is absent
|
||||
apt_key:
|
||||
id: "86E50310"
|
||||
keyring: /etc/apt/trusted.gpg
|
||||
state: absent
|
||||
when: _trusted_gpg_keyring.stat.exists
|
||||
tags:
|
||||
- system
|
||||
- packages
|
||||
- nodejs
|
||||
- yarn
|
||||
|
||||
- name: Yarn GPG key is installed
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: yarn.asc
|
||||
dest: "{{ apt_keyring_dir }}/yarn.asc"
|
||||
mode: "0644"
|
||||
|
@ -35,32 +13,39 @@
|
|||
- nodejs
|
||||
- yarn
|
||||
|
||||
- name: Yarn sources list is available
|
||||
apt_repository:
|
||||
- name: Add Yarn repository (Debian <12)
|
||||
ansible.builtin.apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/yarn.asc] https://dl.yarnpkg.com/debian/ stable main"
|
||||
filename: yarn
|
||||
update_cache: yes
|
||||
state: present
|
||||
tags:
|
||||
- system
|
||||
- packages
|
||||
- nodejs
|
||||
- yarn
|
||||
when: ansible_distribution_major_version is version('12', '<')
|
||||
|
||||
- name: Unsigned Yarn sources list is not available
|
||||
apt_repository:
|
||||
repo: "deb https://dl.yarnpkg.com/debian/ stable main"
|
||||
filename: yarn
|
||||
- name: Add Yarn repository (Debian >=12)
|
||||
ansible.builtin.template:
|
||||
src: yarn.sources.j2
|
||||
dest: /etc/apt/sources.list.d/yarn.sources
|
||||
state: present
|
||||
update_cache: yes
|
||||
state: absent
|
||||
register: yarn_sources
|
||||
tags:
|
||||
- system
|
||||
- packages
|
||||
- nodejs
|
||||
- yarn
|
||||
when: ansible_distribution_major_version is version('12', '>=')
|
||||
|
||||
- name: Update APT cache
|
||||
ansible.builtin.apt:
|
||||
update_cache: yes
|
||||
when: yarn_sources is changed
|
||||
|
||||
- name: Yarn is installed
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name: yarn
|
||||
state: present
|
||||
tags:
|
||||
|
|
8
nodejs/templates/nodesource.sources.j2
Normal file
8
nodejs/templates/nodesource.sources.j2
Normal file
|
@ -0,0 +1,8 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
Types: deb
|
||||
URIs: https://deb.nodesource.com/{{ nodejs_apt_version }}
|
||||
Suites: {{ ansible_distribution_release }}
|
||||
Components: main
|
||||
Signed-by: {{ apt_keyring_dir }}/nodesource.asc
|
||||
Enabled: yes
|
8
nodejs/templates/yarn.sources.j2
Normal file
8
nodejs/templates/yarn.sources.j2
Normal file
|
@ -0,0 +1,8 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
Types: deb
|
||||
URIs: https://dl.yarnpkg.com/debian/
|
||||
Suites: stable
|
||||
Components: main
|
||||
Signed-by: {{ apt_keyring_dir }}/yarn.asc
|
||||
Enabled: yes
|
|
@ -1,12 +1,10 @@
|
|||
---
|
||||
|
||||
- name: Setup deb.sury.org repository - Add GPG key
|
||||
copy:
|
||||
src: sury.gpg
|
||||
dest: "{{ apt_keyring_dir }}/sury.gpg"
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
- name: Setup deb.sury.org repository - Install apt-transport-https
|
||||
apt:
|
||||
name: apt-transport-https
|
||||
state: present
|
||||
when: ansible_distribution_major_version is version('10', '<')
|
||||
|
||||
- name: copy pub.evolix.org GPG key
|
||||
copy:
|
||||
|
@ -16,18 +14,6 @@
|
|||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Setup deb.sury.org repository - Install apt-transport-https
|
||||
apt:
|
||||
state: present
|
||||
name: apt-transport-https
|
||||
|
||||
- name: Setup deb.sury.org repository - Add preferences file
|
||||
copy:
|
||||
src: sury.preferences
|
||||
dest: /etc/apt/preferences.d/z-sury
|
||||
when:
|
||||
- ansible_distribution_release != "bullseye"
|
||||
|
||||
- name: Setup pub.evolix.org repository - Add source list
|
||||
apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/pub_evolix.asc] http://pub.evolix.org/evolix {{ ansible_distribution_release }}-php81 main"
|
||||
|
@ -36,17 +22,41 @@
|
|||
when:
|
||||
- ansible_distribution_release == "bullseye"
|
||||
|
||||
- name: Setup deb.sury.org repository - Add source list
|
||||
- name: Setup deb.sury.org repository - Add preferences file
|
||||
copy:
|
||||
src: sury.preferences
|
||||
dest: /etc/apt/preferences.d/z-sury
|
||||
when:
|
||||
- ansible_distribution_release != "bullseye"
|
||||
|
||||
- name: Setup deb.sury.org repository - Add GPG key
|
||||
copy:
|
||||
src: sury.gpg
|
||||
dest: "{{ apt_keyring_dir }}/sury.gpg"
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Add Sury repository (Debian <12)
|
||||
apt_repository:
|
||||
repo: "deb [signed-by={{ apt_keyring_dir }}/sury.gpg] https://packages.sury.org/php/ {{ ansible_distribution_release }} main"
|
||||
filename: sury
|
||||
state: present
|
||||
update_cache: yes
|
||||
when: ansible_distribution_major_version is version('12', '<')
|
||||
|
||||
- name: Setup deb.sury.org repository - Remove unsigned source list
|
||||
apt_repository:
|
||||
repo: "deb https://packages.sury.org/php/ {{ ansible_distribution_release }} main"
|
||||
filename: sury
|
||||
state: absent
|
||||
- name: Add Sury repository (Debian >=12)
|
||||
ansible.builtin.template:
|
||||
src: sury.sources.j2
|
||||
dest: /etc/apt/sources.list.d/sury.sources
|
||||
state: present
|
||||
register: sury_sources
|
||||
when: ansible_distribution_major_version is version('12', '>=')
|
||||
|
||||
- name: Update APT cache
|
||||
apt:
|
||||
update_cache: yes
|
||||
when: sury_sources is changed
|
||||
|
||||
- name: "Override package list for Sury (Debian 9 or later)"
|
||||
set_fact:
|
||||
|
|
8
php/templates/sury.sources.j2
Normal file
8
php/templates/sury.sources.j2
Normal file
|
@ -0,0 +1,8 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
Types: deb
|
||||
URIs: https://packages.sury.org/php/
|
||||
Suites: {{ ansible_distribution_release }}
|
||||
Components: main
|
||||
Signed-by: {{ apt_keyring_dir }}/sury.gpg
|
||||
Enabled: yes
|
|
@ -1,25 +1,28 @@
|
|||
---
|
||||
- include: locales.yml
|
||||
- ansible.builtin.import_tasks: locales.yml
|
||||
|
||||
- include: packages_jessie.yml
|
||||
- ansible.builtin.import_tasks: packages_jessie.yml
|
||||
when: ansible_distribution_release == "jessie"
|
||||
|
||||
- include: packages_stretch.yml
|
||||
- ansible.builtin.import_tasks: packages_stretch.yml
|
||||
when: ansible_distribution_release == "stretch"
|
||||
|
||||
- include: packages_buster.yml
|
||||
- ansible.builtin.import_tasks: packages_buster.yml
|
||||
when: ansible_distribution_release == "buster"
|
||||
|
||||
- include: packages_bullseye.yml
|
||||
when: ansible_distribution_major_version is version('11', '>=')
|
||||
- ansible.builtin.import_tasks: packages_bullseye.yml
|
||||
when: ansible_distribution_release == "bullseye"
|
||||
|
||||
- include: config.yml
|
||||
- ansible.builtin.import_tasks: packages_bookworm.yml
|
||||