evolix
/
ansible-roles
22
2
Fork 2
Code Issues 61 Pull Requests 18 Releases 32 Wiki Activity

Drop unsigned repository when adding a signed one

This commit is contained in:
David Prevot 2022-12-02 15:17:42 +01:00
parent cca072425b
commit a1bad43b25
17 changed files with 153 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docker-host/tasks/main.yml
View File

@ -31,6 +31,12 @@
state: present state: present
filename: docker.list filename: docker.list
- name: Drop unsigned Docker repository
apt_repository:
repo: 'deb https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable'
state: absent
filename: docker.list
- name: Install Docker - name: Install Docker
apt: apt:
name: name:

10
elasticsearch/tasks/packages.yml
View File

@ -48,6 +48,16 @@
- elasticsearch - elasticsearch
- packages - packages
- name: Unsigned Elastic sources list is not available
apt_repository:
repo: "deb https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
filename: elastic
state: absent
update_cache: yes
tags:
- elasticsearch
- packages
- name: Elasticsearch is installed - name: Elasticsearch is installed
apt: apt:
name: elasticsearch name: elasticsearch

14
evolinux-base/tasks/hardware.yml
View File

@ -96,6 +96,13 @@
tags: tags:
- packages - packages
- name: Remove unsigned HPE repository
apt_repository:
repo: 'deb https://downloads.linux.hpe.com/SDR/repo/mcp {{ ansible_distribution_release }}/current non-free'
state: absent
tags:
- packages
- name: Install HPE Smart Storage Administrator (ssacli) - name: Install HPE Smart Storage Administrator (ssacli)
apt: apt:
name: ssacli name: ssacli
@ -224,6 +231,13 @@
tags: tags:
- packages - packages
- name: Remove unsigned HW tool repository
apt_repository:
repo: 'deb http://hwraid.le-vert.net/debian {{ ansible_distribution_release }} main'
state: absent
tags:
- packages
- name: Install packages for DELL/LSI hardware - name: Install packages for DELL/LSI hardware
apt: apt:
name: name:

10
filebeat/tasks/main.yml
View File

@ -48,6 +48,16 @@
- filebeat - filebeat
- packages - packages
- name: Unsigned Elastic sources list is not available
apt_repository:
repo: "deb https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
filename: elastic
state: absent
update_cache: yes
tags:
- filebeat
- packages
- name: Filebeat is installed - name: Filebeat is installed
apt: apt:
name: filebeat name: filebeat

10
fluentd/tasks/main.yml
View File

@ -40,6 +40,16 @@
- packages - packages
- fluentd - fluentd
- name: Unsigned Fluentd sources list is not available
apt_repository:
repo: "deb http://packages.treasuredata.com/3/debian/{{ ansible_distribution_release }}/ {{ ansible_distribution_release }} contrib"
filename: treasuredata
update_cache: yes
state: absent
tags:
- packages
- fluentd
- name: Fluentd is installed. - name: Fluentd is installed.
apt: apt:
name: td-agent name: td-agent

7
jenkins/tasks/main.yml
View File

@ -32,6 +32,13 @@
filename: jenkins filename: jenkins
update_cache: yes update_cache: yes
- name: Remove unsigned jenkins APT repository
apt_repository:
repo: deb http://pkg.jenkins-ci.org/debian-stable binary/
filename: jenkins
update_cache: yes
state: absent
- name: Install Jenkins - name: Install Jenkins
apt: apt:
name: jenkins name: jenkins

10
kibana/tasks/main.yml
View File

@ -48,6 +48,16 @@
- kibana - kibana
- packages - packages
- name: Unsigned Elastic sources list is not available
apt_repository:
repo: "deb https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
filename: elastic
state: absent
update_cache: yes
tags:
- kibana
- packages
- name: Kibana is installed - name: Kibana is installed
apt: apt:
name: kibana name: kibana

10
logstash/tasks/main.yml
View File

@ -48,6 +48,16 @@
- logstash - logstash
- packages - packages
- name: Unsigned Elastic sources list is not available
apt_repository:
repo: "deb https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
filename: elastic
state: absent
update_cache: yes
tags:
- logstash
- packages
- name: Logstash is installed - name: Logstash is installed
apt: apt:
name: logstash name: logstash

10
metricbeat/tasks/main.yml
View File

@ -48,6 +48,16 @@
- metricbeat - metricbeat
- packages - packages
- name: Elastic sources list is available
apt_repository:
repo: "deb https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
filename: elastic
state: absent
update_cache: yes
tags:
- metricbeat
- packages
- name: Metricbeat is installed - name: Metricbeat is installed
apt: apt:
name: metricbeat name: metricbeat

9
mongodb/tasks/main_bullseye.yml
View File

@ -27,13 +27,20 @@
owner: root owner: root
group: root group: root
- name: enable APT sources list - name: Enable APT sources list
apt_repository: apt_repository:
repo: "deb [signed-by={{ apt_keyring_dir }}/mongodb-server-{{mongodb_version}}.asc] http://repo.mongodb.org/apt/debian bullseye/mongodb-org/{{mongodb_version}} main" repo: "deb [signed-by={{ apt_keyring_dir }}/mongodb-server-{{mongodb_version}}.asc] http://repo.mongodb.org/apt/debian bullseye/mongodb-org/{{mongodb_version}} main"
state: present state: present
filename: "mongodb-org-{{mongodb_version}}" filename: "mongodb-org-{{mongodb_version}}"
update_cache: yes update_cache: yes
- name: Disable unsigned APT sources list
apt_repository:
repo: "deb http://repo.mongodb.org/apt/debian bullseye/mongodb-org/{{mongodb_version}} main"
state: absent
filename: "mongodb-org-{{mongodb_version}}"
update_cache: yes
- name: Install packages - name: Install packages
apt: apt:
name: mongodb-org name: mongodb-org

9
mongodb/tasks/main_buster.yml
View File

@ -21,13 +21,20 @@
owner: root owner: root
group: root group: root
- name: enable APT sources list - name: Enable APT sources list
apt_repository: apt_repository:
repo: "deb [signed-by={{ apt_keyring_dir }}/mongodb-server-{{ mongodb_version }}.asc] http://repo.mongodb.org/apt/debian buster/mongodb-org/{{ mongodb_version }} main" repo: "deb [signed-by={{ apt_keyring_dir }}/mongodb-server-{{ mongodb_version }}.asc] http://repo.mongodb.org/apt/debian buster/mongodb-org/{{ mongodb_version }} main"
state: present state: present
filename: "mongodb-org-{{mongodb_version}}" filename: "mongodb-org-{{mongodb_version}}"
update_cache: yes update_cache: yes
- name: Disable unsigned APT sources list
apt_repository:
repo: "deb http://repo.mongodb.org/apt/debian buster/mongodb-org/{{ mongodb_version }} main"
state: absent
filename: "mongodb-org-{{mongodb_version}}"
update_cache: yes
- name: Install packages - name: Install packages
apt: apt:
name: mongodb-org name: mongodb-org

9
mongodb/tasks/main_jessie.yml
View File

@ -21,13 +21,20 @@
owner: root owner: root
group: root group: root
- name: enable APT sources list - name: Enable APT sources list
apt_repository: apt_repository:
repo: "deb http://repo.mongodb.org/apt/debian jessie/mongodb-org/{{mongodb_version}} main" repo: "deb http://repo.mongodb.org/apt/debian jessie/mongodb-org/{{mongodb_version}} main"
state: present state: present
filename: "mongodb-org-{{mongodb_version}}" filename: "mongodb-org-{{mongodb_version}}"
update_cache: yes update_cache: yes
- name: Disable APT sources list
apt_repository:
repo: "deb http://repo.mongodb.org/apt/debian jessie/mongodb-org/{{mongodb_version}} main"
state: absent
filename: "mongodb-org-{{mongodb_version}}"
update_cache: yes
- name: Install packages - name: Install packages
apt: apt:
name: mongodb-org name: mongodb-org

7
newrelic/tasks/sources.yml
View File

@ -27,3 +27,10 @@
state: present state: present
filename: newrelic filename: newrelic
update_cache: yes update_cache: yes
- name: Desinstall unsigned NewRelic repository
apt_repository:
repo: "deb http://apt.newrelic.com/debian/ newrelic non-free"
state: absent
filename: newrelic
update_cache: yes

11
nodejs/tasks/main.yml
View File

@ -52,6 +52,17 @@
- packages - packages
- nodejs - nodejs
- name: Unsigned NodeJS sources list ({{ nodejs_apt_version }}) is not available
apt_repository:
repo: "deb https://deb.nodesource.com/{{ nodejs_apt_version }} {{ ansible_distribution_release }} main"
filename: nodesource
update_cache: yes
state: absent
tags:
- system
- packages
- nodejs
- name: NodeJS is installed - name: NodeJS is installed
apt: apt:
name: nodejs name: nodejs

12
nodejs/tasks/yarn.yml
View File

@ -47,6 +47,18 @@
- nodejs - nodejs
- yarn - yarn
- name: Unsigned Yarn sources list is not available
apt_repository:
repo: "deb https://dl.yarnpkg.com/debian/ stable main"
filename: yarn
update_cache: yes
state: absent
tags:
- system
- packages
- nodejs
- yarn
- name: Yarn is installed - name: Yarn is installed
apt: apt:
name: yarn name: yarn

6
php/tasks/sury_pre.yml
View File

@ -24,6 +24,12 @@
filename: sury filename: sury
state: present state: present
- name: Setup deb.sury.org repository - Remove unsigned source list
apt_repository:
repo: "deb https://packages.sury.org/php/ {{ ansible_distribution_release }} main"
filename: sury
state: absent
- name: "Override package list for Sury (Debian 9 or later)" - name: "Override package list for Sury (Debian 9 or later)"
set_fact: set_fact:
php_stretch_packages: php_stretch_packages:

6
postgresql/tasks/pgdg-repo.yml
View File

@ -34,6 +34,12 @@
repo: "deb [signed-by={{ apt_keyring_dir }}/postgresql.asc] http://apt.postgresql.org/pub/repos/apt/ {{ansible_distribution_release}}-pgdg main" repo: "deb [signed-by={{ apt_keyring_dir }}/postgresql.asc] http://apt.postgresql.org/pub/repos/apt/ {{ansible_distribution_release}}-pgdg main"
update_cache: yes update_cache: yes
- name: Remove unsigned PGDG repository
apt_repository:
repo: "deb http://apt.postgresql.org/pub/repos/apt/ {{ansible_distribution_release}}-pgdg main"
update_cache: yes
state: absent
- name: Add APT preference file - name: Add APT preference file
template: template:
src: postgresql.pref.j2 src: postgresql.pref.j2