apt-sources mit neuer logik (#225)

Co-authored-by: Michael Grote <michael.grote@posteo.de>
Reviewed-on: mg/ansible#225
Co-authored-by: mg <michael.grote@posteo.de>
Co-committed-by: mg <michael.grote@posteo.de>
This commit is contained in:
Michael Grote 2021-10-20 19:48:17 +02:00
parent 71252b6b8d
commit 4e83d8d887
14 changed files with 30 additions and 66 deletions

View file

@ -68,8 +68,7 @@
postfix_smtp_server_port: 587 postfix_smtp_server_port: 587
postfix_smtp_use_tls: "yes" postfix_smtp_use_tls: "yes"
### mgrote.apt_manage_sources ### mgrote.apt_manage_sources
manage_sources_apt_proxy_server: acng.grote.lan manage_sources_apt_proxy: "acng.grote.lan:9999"
manage_sources_apt_proxy_port: 9999
### mgrote.restic ### mgrote.restic
restic_folders_to_backup: "/usr/local /etc /root /home" restic_folders_to_backup: "/usr/local /etc /root /home"
restic_cron_hours: "19" restic_cron_hours: "19"

View file

@ -52,7 +52,7 @@
- python3-pip - python3-pip
- gramps # stammbaum - gramps # stammbaum
### mgrote.apt_manage_sources ### mgrote.apt_manage_sources
manage_sources_apt_proxy_url: "" manage_sources_apt_proxy: ""
### mgrote.ntp_chrony_server ### mgrote.ntp_chrony_server
ntp_chrony_timezone: "Europe/Berlin" # Zeitzone in der sich der Computer befindet ntp_chrony_timezone: "Europe/Berlin" # Zeitzone in der sich der Computer befindet
ntp_chrony_servers: # welche Server sollen befragt werden ntp_chrony_servers: # welche Server sollen befragt werden

View file

@ -29,8 +29,7 @@
- address: pool.ntp.org - address: pool.ntp.org
options: iburst #optionaler parameter options: iburst #optionaler parameter
### mgrote.apt_manage_sources ### mgrote.apt_manage_sources
manage_sources_apt_proxy_server: "" manage_sources_apt_proxy: ""
manage_sources_apt_proxy_port: ""
### geerlingguy.munin-node ### geerlingguy.munin-node
munin_node_plugins: munin_node_plugins:
- name: chrony - name: chrony

View file

@ -68,6 +68,8 @@
env.client /usr/bin/fail2ban-client env.client /usr/bin/fail2ban-client
env.config_dir /etc/fail2ban env.config_dir /etc/fail2ban
user root user root
### mgrote.apt_manage_sources
manage_sources_apt_proxy: ""
# Ansible Variablen # Ansible Variablen
### sudo ### sudo
sudo: false sudo: false

View file

@ -1,4 +1,6 @@
--- ---
### mgrote.apt_manage_sources
manage_sources_apt_proxy: ""
### mgrote.tor-node ### mgrote.tor-node
tor_relay_name: tor1mgrote tor_relay_name: tor1mgrote
tor_or_port: 9001 tor_or_port: 9001

View file

@ -3,6 +3,3 @@
roles: roles:
- role: mgrote.apt_manage_sources - role: mgrote.apt_manage_sources
tags: "apt_sources" tags: "apt_sources"
when:
- "not 'laptop' in group_names"
- "not 'tor' in group_names"

View file

@ -12,40 +12,4 @@
- [x] ProxMox (>=6.1) - [x] ProxMox (>=6.1)
### Variablen + Defaults ### Variablen + Defaults
##### Ubuntu/Proxmox: FQDN Proxy, wenn leer wird kein Proxy gesetzt see [defaults](./defaults/main.yml)
```yaml
manage_sources_apt_proxy_url: "" # leer = kein proxy, sonst "acng.grote.lan:9999"
```
##### Proxmox: Pfad lokal zum Enterprise-Repository
```yaml
manage_sources_enterprise_repo_path: /etc/apt/sources.list.d/pve-enterprise.list # wo ist das enterprise-repo
```
##### Proxmox: Releases-Key URL für no-subscrition-Repository
```yaml
manage_sources_apt_repo_key_url: http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg # url zum key für no-subscription-repo
```
##### Proxmox: Releases-Key Pfad lokal für no-subscrition-Repository
```yaml
manage_sources_apt_repo_key_path: /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg # pfad lokal zum key für no-subscription-repo
```
##### Proxmox: URL no-subscrition-Repository
```yaml
manage_sources_apt_repo_no_subscription: deb http://{{ manage_sources_apt_proxy_url }}/download.proxmox.com/debian/pve buster pve-no-subscription # url zum für no-subscription-repo, manage_sources_apt_proxy_url wird aus der variable entnommen
```
##### Proxmox: Basis-Repositories URLs
```yaml
manage_sources_proxmox_base_repos: # welche debian standard repos sollen gesetzt werden, werden vorher gelöscht damit ein proxy dann gesetzt werden kann
- repo_url: deb http://ftp.de.debian.org/debian buster main contrib
- repo_url: deb http://ftp.de.debian.org/debian buster-updates main contrib
- repo_url: deb http://security.debian.org buster/updates main contrib```
```
##### Proxmox: Pfad lokal für Basis-Repositories
```yaml
manage_sources_debian_repo_path: /etc/apt/sources.list.d/debian # , wo sollen die standard-repos gespeichert werden; nicht auf /etc/apt/sources setzen, diese datei wird gelöscht```

View file

@ -3,5 +3,4 @@
manage_sources_apt_repo_key_url: http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg # url zum key für no-subscription-repo manage_sources_apt_repo_key_url: http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg # url zum key für no-subscription-repo
manage_sources_apt_repo_key_path: /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg # pfad lokal zum key für no-subscription-repo manage_sources_apt_repo_key_path: /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg # pfad lokal zum key für no-subscription-repo
manage_sources_apt_repo_no_subscription: deb http://download.proxmox.com/debian/pve bullseye pve-no-subscription # url zum für no-subscription-repo, manage_sources_apt_proxy_url wird aus der variable entnommen manage_sources_apt_repo_no_subscription: deb http://download.proxmox.com/debian/pve bullseye pve-no-subscription # url zum für no-subscription-repo, manage_sources_apt_proxy_url wird aus der variable entnommen
manage_sources_apt_proxy_server: acng.grote.lan manage_sources_apt_proxy: acng.grote.lan:9999
manage_sources_apt_proxy_port: 9999

View file

@ -0,0 +1,5 @@
---
- name: update package lists # noqa 503 503
become: yes
ansible.builtin.apt:
update_cache: yes

View file

@ -1,18 +1,18 @@
--- ---
- name: include ubuntu tasks (determined by "ansible_distribution") - name: include ubuntu tasks (determined by "ansible_distribution")
include_tasks: ubuntu.yml include_tasks: ubuntu.yml
when: ansible_distribution == 'Ubuntu' when:
- ansible_distribution == 'Ubuntu'
- manage_sources_apt_proxy | length > 0
- name: include Linux Mint tasks (determined by "ansible_distribution") - name: include Linux Mint tasks (determined by "ansible_distribution")
include_tasks: mint.yml include_tasks: mint.yml
when: ansible_distribution == 'Linux Mint' when:
- ansible_distribution == 'Linux Mint'
- manage_sources_apt_proxy | length > 0
- name: include proxmox tasks (determined by group) - name: include proxmox tasks (determined by group)
include_tasks: proxmox.yml include_tasks: proxmox.yml
when: "'proxmox' in group_names" when:
- "'proxmox' in group_names"
- name: update package lists # noqa 503 503 - manage_sources_apt_proxy | length > 0
become: yes
ansible.builtin.apt:
update_cache: yes
when: copy_src.changed

View file

@ -5,5 +5,4 @@
src: apt.conf src: apt.conf
dest: "{{ apt_proxy_apt_conf_path | default ('/etc/apt/apt.conf') }}" dest: "{{ apt_proxy_apt_conf_path | default ('/etc/apt/apt.conf') }}"
backup: yes backup: yes
register: copy_src notify: update package lists
when: manage_sources_apt_proxy_server is defined

View file

@ -5,8 +5,7 @@
src: apt.conf src: apt.conf
dest: "{{ apt_proxy_apt_conf_path | default ('/etc/apt/apt.conf') }}" dest: "{{ apt_proxy_apt_conf_path | default ('/etc/apt/apt.conf') }}"
backup: yes backup: yes
register: copy_src notify: update package lists
when: manage_sources_apt_proxy_server is defined
- name: remove enterprise-Repository - name: remove enterprise-Repository
become: yes become: yes
@ -24,7 +23,7 @@
ansible.builtin.apt_key: ansible.builtin.apt_key:
url: "{{ manage_sources_apt_repo_key_url }}" url: "{{ manage_sources_apt_repo_key_url }}"
state: present state: present
register: copy_src notify: update package lists
when: pve_no_subscription_repo_keys.stat.exists == false when: pve_no_subscription_repo_keys.stat.exists == false
- name: add pve-no-subscription repo - name: add pve-no-subscription repo
@ -34,4 +33,4 @@
state: present state: present
filename: pve-no-subscription filename: pve-no-subscription
update_cache: no update_cache: no
register: copy_src notify: update package lists

View file

@ -5,5 +5,4 @@
src: apt.conf src: apt.conf
dest: "{{ apt_proxy_apt_conf_path | default ('/etc/apt/apt.conf') }}" dest: "{{ apt_proxy_apt_conf_path | default ('/etc/apt/apt.conf') }}"
backup: yes backup: yes
register: copy_src notify: update package lists
when: manage_sources_apt_proxy_server is defined

View file

@ -1,3 +1,3 @@
{{ file_header | default () }} {{ file_header | default () }}
Acquire::http::proxy "http://{{ manage_sources_apt_proxy_server | default() }}:{{ manage_sources_apt_proxy_port | default() }}"; Acquire::http::proxy "http://{{ manage_sources_apt_proxy | default() }}";
Acquire::https::proxy "http://{{ manage_sources_apt_proxy_server | default() }}:{{ manage_sources_apt_proxy_port | default() }}"; Acquire::https::proxy "http://{{ manage_sources_apt_proxy | default() }}";