From 6c0ca0239154eb311e91688281ea7b802f5330d2 Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Mon, 11 Dec 2023 14:06:10 +0100 Subject: [PATCH] apt: add task file to install ELTS repository (default: False) --- CHANGELOG.md | 1 + apt/defaults/main.yml | 3 +- apt/files/freexian-archive-extended-lts.gpg | Bin 0 -> 1176 bytes apt/tasks/extended-lts.oneline.yml.yml | 37 ++++++++++++++++++++ apt/tasks/main.yml | 10 +++++- apt/templates/jessie_extended-lts.list.j2 | 4 +++ apt/templates/stretch_extended-lts.list.j2 | 4 +++ 7 files changed, 57 insertions(+), 2 deletions(-) create mode 100644 apt/files/freexian-archive-extended-lts.gpg create mode 100644 apt/tasks/extended-lts.oneline.yml.yml create mode 100644 apt/templates/jessie_extended-lts.list.j2 create mode 100644 apt/templates/stretch_extended-lts.list.j2 diff --git a/CHANGELOG.md b/CHANGELOG.md index ec472e70..fd1a786c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,7 @@ The **patch** part changes is incremented if multiple releases happen the same m ### Added * Preliminary work for php83 +* apt: add task file to install ELTS repository (default: False) * lxc-php: Allow one to install php83 on Bookworm container * nagios-nrpe: add check_sentinel for monitoring Redis Sentinel * webapps/nextcloud: Added var nextcloud_user_uid to enforce uid for nextcloud user diff --git a/apt/defaults/main.yml b/apt/defaults/main.yml index 3720d893..772a8fb9 100644 --- a/apt/defaults/main.yml +++ b/apt/defaults/main.yml @@ -14,6 +14,7 @@ apt_install_backports: False apt_backports_components: "main" apt_install_evolix_public: True +apt_install_extended_lts: False apt_clean_gandi_sourceslist: False @@ -28,4 +29,4 @@ apt_check_hold_cron_weekday: "*" apt_check_hold_cron_day: "*" apt_check_hold_cron_month: "*" -apt_keyring_dir: "{{ ansible_distribution_major_version is version('12', '<') | ternary('/etc/apt/trusted.gpg.d', '/etc/apt/keyrings') }}" \ No newline at end of file +apt_keyring_dir: "{{ ansible_distribution_major_version is version('12', '<') | ternary('/etc/apt/trusted.gpg.d', '/etc/apt/keyrings') }}" diff --git a/apt/files/freexian-archive-extended-lts.gpg b/apt/files/freexian-archive-extended-lts.gpg new file mode 100644 index 0000000000000000000000000000000000000000..819c10ff58554f8c923fbb5547b91033560220c0 GIT binary patch literal 1176 zcmV;J1ZVr10u2OP3>k+35CE!*la@dGSZvSDM8iRcInG1)P{N=(7x?10JSiF{TjyF* zFAc}dYTJ`V+M7ayLf+6i@+jA%ECWj>C8yGZ+mBWK0?b}8!#>P=;K#ZAFO$=p+=TcF zW=;Ht4Bjm|zRHR^K4En3i-iQ%tt*F^W%*%3W?zD!8VklE58+9^Tu7s zw)gj&Js}nWDE>vjUXR`B0p*FuvlOEpOQ14Ok~HV`sjB*UVvvh)QxF9kC^zQiSCw~# z+m$j0EzQFz(?uoImN!zqt#o-0_v0>C+fuyI^WMNdU+HLT8w}zu*fb>?0I7e+%BJb# ziF9-va~rCRwa3MiF*E=ShNvMe7QnYdc6=@h@Fej1rR$Ord?|(dGMx~51fXoI>G1zL zjIdu#sFLmFG+ro7WeSv#ZGpGU__Dk%gV@sP_jUL&cj=Cu7%Uw^Wp2tMINGLiW}ho} zy^-0Ybo@tYDin=mM}9Al!BhAJoHL;@nIk^9aAFYLL8R-NdGQ5r-`*Xx57z|~Yo-s` z4(HON9Ld$}g#=xf*wxIn8l%B5Z&QhsVd^xx6bT3jFQ`t&Oq3m1Nwf93e1g%ke2z@; zBVF1Z`8$GP-UR>=0RRECFGYBCWo~3;WFSmbQy@}haBp*IbZ>HbAUtzLGf za%E+BX<=?IV{dIfi2_sv69EVSJ^~v91q%rX2Lc8a2nh-c0t6NU0|5da0Rk6*79j+y zS$t1#Gl0EIE9=6ba}d*M1zlPN0%DsoJp~C7=>N6=3JDOPa}d*M1zlSHx)1=Sqq_^% z{^3z{pn8(R(G*1}I^7SxxB;rzrg9!F^RQLctKT5nFL6XebR-^i=d$`>Y>!T6 z*Zb)vOxWYF4K&2Ib?EvTd8E9SAj3<8pXnP9QF_2K{vZe}ZLsbJov+lN6NFr!Tu+Db zAuxc|+O2ByA@Iy<aEH7)nm=7P^Nw$m&L^B(--*Gg ztwF#Ik3?);3h+nmze3L#G+9aPqxT6LcQ0gyuYyaEWD>|6bHrGPvg*ast`y>Oa{rIa q@dG0}9Dw33F^}f!O`7ygKR7;u{v-iCt~UQnD=$vejsPKruP6Bwc_o(s literal 0 HcmV?d00001 diff --git a/apt/tasks/extended-lts.oneline.yml.yml b/apt/tasks/extended-lts.oneline.yml.yml new file mode 100644 index 00000000..09974684 --- /dev/null +++ b/apt/tasks/extended-lts.oneline.yml.yml @@ -0,0 +1,37 @@ +--- + +- name: "Ensure {{ apt_keyring_dir }} directory exists" + file: + path: "{{ apt_keyring_dir }}" + state: directory + mode: "755" + owner: root + group: root + +- name: Add Evolix GPG key + ansible.builtin.copy: + src: "freexian-archive-extended-lts.gpg" + dest: "{{ apt_keyring_dir }}/freexian-archive-extended-lts.gpg" + force: true + mode: "0644" + owner: root + group: root + tags: + - apt + +- name: ELTS list is installed + ansible.builtin.template: + src: "{{ ansible_distribution_release }}_extended-lts.list.j2" + dest: /etc/apt/sources.list.d/extended-lts.list + force: true + mode: "0640" + register: apt_extended_lts + tags: + - apt + +- name: Apt update + ansible.builtin.apt: + update_cache: yes + tags: + - apt + when: apt_extended_lts is changed diff --git a/apt/tasks/main.yml b/apt/tasks/main.yml index 4d357f8b..c20abe54 100644 --- a/apt/tasks/main.yml +++ b/apt/tasks/main.yml @@ -80,6 +80,14 @@ - apt_install_evolix_public | bool - ansible_distribution_major_version is version('12', '>=') +- name: Install Extended-LTS repositories (Debian < 10) + ansible.builtin.import_tasks: extended-lts.oneline.yml.yml + tags: + - apt + when: + - apt_install_extended_lts | bool + - ansible_distribution_major_version is version('10', '<') + - name: Clean GANDI sources ansible.builtin.file: path: '{{ item }}' @@ -126,4 +134,4 @@ upgrade: dist when: apt_upgrade | bool tags: - - apt \ No newline at end of file + - apt diff --git a/apt/templates/jessie_extended-lts.list.j2 b/apt/templates/jessie_extended-lts.list.j2 new file mode 100644 index 00000000..c20be4e7 --- /dev/null +++ b/apt/templates/jessie_extended-lts.list.j2 @@ -0,0 +1,4 @@ +# {{ ansible_managed }} + +deb [signed-by="{{ apt_keyring_dir }}/freexian-archive-extended-lts.gpg"] http://elts.evolix.org/extended-lts jessie main +deb [signed-by="{{ apt_keyring_dir }}/freexian-archive-extended-lts.gpg"] http://elts.evolix.org/extended-lts jessie-lts main diff --git a/apt/templates/stretch_extended-lts.list.j2 b/apt/templates/stretch_extended-lts.list.j2 new file mode 100644 index 00000000..374e571e --- /dev/null +++ b/apt/templates/stretch_extended-lts.list.j2 @@ -0,0 +1,4 @@ +# {{ ansible_managed }} + +deb [signed-by="{{ apt_keyring_dir }}/freexian-archive-extended-lts.gpg"] http://elts.evolix.org/extended-lts stretch main +deb [signed-by="{{ apt_keyring_dir }}/freexian-archive-extended-lts.gpg"] http://elts.evolix.org/extended-lts stretch-lts main