Merge branch 'lxc-php82' into unstable
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend
|:-:|:-:|:-:|:-:|:-:
|2622|9|2613|11|:+1:
Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/331//ansiblelint">Evolix » ansible-roles » unstable #331</a>
gitea/ansible-roles/pipeline/head This commit looks good
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend
|:-:|:-:|:-:|:-:|:-:
|2622|9|2613|11|:+1:
Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/331//ansiblelint">Evolix » ansible-roles » unstable #331</a>
gitea/ansible-roles/pipeline/head This commit looks good
This commit is contained in:
commit
6e5ba9bd9a
|
@ -21,7 +21,7 @@ lxc_php_container_releases:
|
|||
php74: "bullseye"
|
||||
php80: "bullseye"
|
||||
php81: "bullseye"
|
||||
php82: "bullseye"
|
||||
php82: "bookworm"
|
||||
|
||||
lxc_php_services:
|
||||
php56: 'php5-fpm.service'
|
||||
|
@ -33,3 +33,5 @@ lxc_php_services:
|
|||
php82: 'php8.2-fpm.service'
|
||||
|
||||
apt_keyring_dir: "{{ ansible_distribution_major_version is version('12', '<') | ternary('/etc/apt/trusted.gpg.d', '/etc/apt/keyrings') }}"
|
||||
apt_basics_components: "{{ (ansible_virtualization_role == 'host') | ternary('main contrib non-free', 'main') }}"
|
||||
|
||||
|
|
|
@ -1,46 +1,32 @@
|
|||
---
|
||||
|
||||
- name: set APT keyring (Debian <12)
|
||||
- name: set APT keyring
|
||||
ansible.builtin.set_fact:
|
||||
lxc_apt_keyring_dir: /etc/apt/trusted.gpg.d
|
||||
when: ansible_distribution_major_version is version('12', '<')
|
||||
|
||||
- name: set APT keyring (Debian >=12)
|
||||
ansible.builtin.set_fact:
|
||||
lxc_apt_keyring_dir: /etc/apt/keyrings
|
||||
when: ansible_distribution_major_version is version('12', '>=')
|
||||
|
||||
- name: "{{ lxc_php_version }} - Install dependency packages"
|
||||
community.general.lxc_container:
|
||||
name: "{{ lxc_php_version }}"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y wget apt-transport-https gnupg"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y wget gnupg"
|
||||
|
||||
- name: "{{ lxc_php_version }} - fix bullseye repository"
|
||||
ansible.builtin.replace:
|
||||
dest: "{{ lxc_rootfs }}/etc/apt/sources.list"
|
||||
regexp: 'bullseye/updates'
|
||||
replace: 'bullseye-security'
|
||||
- name: "{{ lxc_php_version }} - delete sources.list bookworm repository"
|
||||
ansible.builtin.file:
|
||||
path: "{{ lxc_rootfs }}/etc/apt/sources.list"
|
||||
state: absent
|
||||
|
||||
- name: "{{ lxc_php_version }} - Add sury repo (Debian >=12)"
|
||||
- name: "{{ lxc_php_version }} - system bookworm repository"
|
||||
ansible.builtin.template:
|
||||
src: sury.sources.j2
|
||||
dest: /etc/apt/sources.list.d/sury.sources
|
||||
mode: "0644"
|
||||
src: bookworm_basics.sources.j2
|
||||
dest: "{{ lxc_rootfs }}/etc/apt/sources.list.d/system.sources"
|
||||
force: true
|
||||
mode: "0644"
|
||||
|
||||
- name: "{{ lxc_php_version }} - security bookworm repository"
|
||||
ansible.builtin.template:
|
||||
src: bookworm_security.sources.j2
|
||||
dest: "{{ lxc_rootfs }}/etc/apt/sources.list.d/security.sources"
|
||||
force: true
|
||||
register: sury_sources
|
||||
when: ansible_distribution_major_version is version('12', '>=')
|
||||
|
||||
- name: "{{ lxc_php_version }} - Add sury repo (Debian <12)"
|
||||
ansible.builtin.lineinfile:
|
||||
dest: "{{ lxc_rootfs }}/etc/apt/sources.list.d/sury.list"
|
||||
line: "{{ item }}"
|
||||
state: present
|
||||
create: yes
|
||||
mode: "0644"
|
||||
loop:
|
||||
- "deb [signed-by={{ apt_keyring_dir }}/sury.gpg] https://packages.sury.org/php/ bullseye main"
|
||||
- "deb [signed-by={{ apt_keyring_dir }}/pub_evolix.asc] http://pub.evolix.org/evolix bullseye-php82 main"
|
||||
when: ansible_distribution_major_version is version('12', '<')
|
||||
|
||||
- name: "Ensure {{ lxc_rootfs }}{{ apt_keyring_dir }} directory exists"
|
||||
file:
|
||||
|
@ -53,16 +39,7 @@
|
|||
- name: copy pub.evolix.org GPG key
|
||||
ansible.builtin.copy:
|
||||
src: pub_evolix.asc
|
||||
dest: /var/lib/lxc/{{ lxc_php_version }}/rootfs{{ apt_keyring_dir }}/pub_evolix.asc
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
when: ansible_distribution_major_version is version('12', '<')
|
||||
|
||||
- name: copy packages.sury.org GPG Key
|
||||
ansible.builtin.copy:
|
||||
src: sury.gpg
|
||||
dest: /var/lib/lxc/{{ lxc_php_version }}/rootfs{{ apt_keyring_dir }}/sury.gpg
|
||||
dest: "{{ lxc_rootfs }}{{ lxc_apt_keyring_dir }}/pub_evolix.asc"
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
|
|
8
lxc-php/templates/bookworm_basics.sources.j2
Normal file
8
lxc-php/templates/bookworm_basics.sources.j2
Normal file
|
@ -0,0 +1,8 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
Types: deb
|
||||
URIs: http://mirror.evolix.org/debian
|
||||
Suites: bookworm bookworm-updates
|
||||
Components: {{ apt_basics_components | mandatory }}
|
||||
Enabled: yes
|
||||
Signed-By: /usr/share/keyrings/debian-archive-bookworm-automatic.gpg
|
8
lxc-php/templates/bookworm_security.sources.j2
Normal file
8
lxc-php/templates/bookworm_security.sources.j2
Normal file
|
@ -0,0 +1,8 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
Types: deb
|
||||
URIs: https://security.debian.org/debian-security
|
||||
Suites: bookworm-security
|
||||
Components: {{ apt_basics_components | mandatory }}
|
||||
Enabled: yes
|
||||
Signed-By: /usr/share/keyrings/debian-archive-bookworm-security-automatic.gpg
|
Loading…
Reference in a new issue