apt-sources mit neuer logik (#225)
Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: mg/ansible#225 Co-authored-by: mg <michael.grote@posteo.de> Co-committed-by: mg <michael.grote@posteo.de>
This commit is contained in:
parent
71252b6b8d
commit
4e83d8d887
14 changed files with 30 additions and 66 deletions
|
@ -68,8 +68,7 @@
|
||||||
postfix_smtp_server_port: 587
|
postfix_smtp_server_port: 587
|
||||||
postfix_smtp_use_tls: "yes"
|
postfix_smtp_use_tls: "yes"
|
||||||
### mgrote.apt_manage_sources
|
### mgrote.apt_manage_sources
|
||||||
manage_sources_apt_proxy_server: acng.grote.lan
|
manage_sources_apt_proxy: "acng.grote.lan:9999"
|
||||||
manage_sources_apt_proxy_port: 9999
|
|
||||||
### mgrote.restic
|
### mgrote.restic
|
||||||
restic_folders_to_backup: "/usr/local /etc /root /home"
|
restic_folders_to_backup: "/usr/local /etc /root /home"
|
||||||
restic_cron_hours: "19"
|
restic_cron_hours: "19"
|
||||||
|
|
|
@ -52,7 +52,7 @@
|
||||||
- python3-pip
|
- python3-pip
|
||||||
- gramps # stammbaum
|
- gramps # stammbaum
|
||||||
### mgrote.apt_manage_sources
|
### mgrote.apt_manage_sources
|
||||||
manage_sources_apt_proxy_url: ""
|
manage_sources_apt_proxy: ""
|
||||||
### mgrote.ntp_chrony_server
|
### mgrote.ntp_chrony_server
|
||||||
ntp_chrony_timezone: "Europe/Berlin" # Zeitzone in der sich der Computer befindet
|
ntp_chrony_timezone: "Europe/Berlin" # Zeitzone in der sich der Computer befindet
|
||||||
ntp_chrony_servers: # welche Server sollen befragt werden
|
ntp_chrony_servers: # welche Server sollen befragt werden
|
||||||
|
|
|
@ -29,8 +29,7 @@
|
||||||
- address: pool.ntp.org
|
- address: pool.ntp.org
|
||||||
options: iburst #optionaler parameter
|
options: iburst #optionaler parameter
|
||||||
### mgrote.apt_manage_sources
|
### mgrote.apt_manage_sources
|
||||||
manage_sources_apt_proxy_server: ""
|
manage_sources_apt_proxy: ""
|
||||||
manage_sources_apt_proxy_port: ""
|
|
||||||
### geerlingguy.munin-node
|
### geerlingguy.munin-node
|
||||||
munin_node_plugins:
|
munin_node_plugins:
|
||||||
- name: chrony
|
- name: chrony
|
||||||
|
|
|
@ -68,6 +68,8 @@
|
||||||
env.client /usr/bin/fail2ban-client
|
env.client /usr/bin/fail2ban-client
|
||||||
env.config_dir /etc/fail2ban
|
env.config_dir /etc/fail2ban
|
||||||
user root
|
user root
|
||||||
|
### mgrote.apt_manage_sources
|
||||||
|
manage_sources_apt_proxy: ""
|
||||||
# Ansible Variablen
|
# Ansible Variablen
|
||||||
### sudo
|
### sudo
|
||||||
sudo: false
|
sudo: false
|
||||||
|
|
|
@ -1,4 +1,6 @@
|
||||||
---
|
---
|
||||||
|
### mgrote.apt_manage_sources
|
||||||
|
manage_sources_apt_proxy: ""
|
||||||
### mgrote.tor-node
|
### mgrote.tor-node
|
||||||
tor_relay_name: tor1mgrote
|
tor_relay_name: tor1mgrote
|
||||||
tor_or_port: 9001
|
tor_or_port: 9001
|
||||||
|
|
|
@ -3,6 +3,3 @@
|
||||||
roles:
|
roles:
|
||||||
- role: mgrote.apt_manage_sources
|
- role: mgrote.apt_manage_sources
|
||||||
tags: "apt_sources"
|
tags: "apt_sources"
|
||||||
when:
|
|
||||||
- "not 'laptop' in group_names"
|
|
||||||
- "not 'tor' in group_names"
|
|
||||||
|
|
|
@ -12,40 +12,4 @@
|
||||||
- [x] ProxMox (>=6.1)
|
- [x] ProxMox (>=6.1)
|
||||||
|
|
||||||
### Variablen + Defaults
|
### Variablen + Defaults
|
||||||
##### Ubuntu/Proxmox: FQDN Proxy, wenn leer wird kein Proxy gesetzt
|
see [defaults](./defaults/main.yml)
|
||||||
```yaml
|
|
||||||
manage_sources_apt_proxy_url: "" # leer = kein proxy, sonst "acng.grote.lan:9999"
|
|
||||||
```
|
|
||||||
|
|
||||||
##### Proxmox: Pfad lokal zum Enterprise-Repository
|
|
||||||
```yaml
|
|
||||||
manage_sources_enterprise_repo_path: /etc/apt/sources.list.d/pve-enterprise.list # wo ist das enterprise-repo
|
|
||||||
|
|
||||||
```
|
|
||||||
|
|
||||||
##### Proxmox: Releases-Key URL für no-subscrition-Repository
|
|
||||||
```yaml
|
|
||||||
manage_sources_apt_repo_key_url: http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg # url zum key für no-subscription-repo
|
|
||||||
```
|
|
||||||
|
|
||||||
##### Proxmox: Releases-Key Pfad lokal für no-subscrition-Repository
|
|
||||||
```yaml
|
|
||||||
manage_sources_apt_repo_key_path: /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg # pfad lokal zum key für no-subscription-repo
|
|
||||||
```
|
|
||||||
|
|
||||||
##### Proxmox: URL no-subscrition-Repository
|
|
||||||
```yaml
|
|
||||||
manage_sources_apt_repo_no_subscription: deb http://{{ manage_sources_apt_proxy_url }}/download.proxmox.com/debian/pve buster pve-no-subscription # url zum für no-subscription-repo, manage_sources_apt_proxy_url wird aus der variable entnommen
|
|
||||||
```
|
|
||||||
|
|
||||||
##### Proxmox: Basis-Repositories URLs
|
|
||||||
```yaml
|
|
||||||
manage_sources_proxmox_base_repos: # welche debian standard repos sollen gesetzt werden, werden vorher gelöscht damit ein proxy dann gesetzt werden kann
|
|
||||||
- repo_url: deb http://ftp.de.debian.org/debian buster main contrib
|
|
||||||
- repo_url: deb http://ftp.de.debian.org/debian buster-updates main contrib
|
|
||||||
- repo_url: deb http://security.debian.org buster/updates main contrib```
|
|
||||||
```
|
|
||||||
|
|
||||||
##### Proxmox: Pfad lokal für Basis-Repositories
|
|
||||||
```yaml
|
|
||||||
manage_sources_debian_repo_path: /etc/apt/sources.list.d/debian # , wo sollen die standard-repos gespeichert werden; nicht auf /etc/apt/sources setzen, diese datei wird gelöscht```
|
|
||||||
|
|
|
@ -3,5 +3,4 @@
|
||||||
manage_sources_apt_repo_key_url: http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg # url zum key für no-subscription-repo
|
manage_sources_apt_repo_key_url: http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg # url zum key für no-subscription-repo
|
||||||
manage_sources_apt_repo_key_path: /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg # pfad lokal zum key für no-subscription-repo
|
manage_sources_apt_repo_key_path: /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg # pfad lokal zum key für no-subscription-repo
|
||||||
manage_sources_apt_repo_no_subscription: deb http://download.proxmox.com/debian/pve bullseye pve-no-subscription # url zum für no-subscription-repo, manage_sources_apt_proxy_url wird aus der variable entnommen
|
manage_sources_apt_repo_no_subscription: deb http://download.proxmox.com/debian/pve bullseye pve-no-subscription # url zum für no-subscription-repo, manage_sources_apt_proxy_url wird aus der variable entnommen
|
||||||
manage_sources_apt_proxy_server: acng.grote.lan
|
manage_sources_apt_proxy: acng.grote.lan:9999
|
||||||
manage_sources_apt_proxy_port: 9999
|
|
||||||
|
|
5
roles/mgrote.apt_manage_sources/handlers/main.yml
Normal file
5
roles/mgrote.apt_manage_sources/handlers/main.yml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
- name: update package lists # noqa 503 503
|
||||||
|
become: yes
|
||||||
|
ansible.builtin.apt:
|
||||||
|
update_cache: yes
|
|
@ -1,18 +1,18 @@
|
||||||
---
|
---
|
||||||
- name: include ubuntu tasks (determined by "ansible_distribution")
|
- name: include ubuntu tasks (determined by "ansible_distribution")
|
||||||
include_tasks: ubuntu.yml
|
include_tasks: ubuntu.yml
|
||||||
when: ansible_distribution == 'Ubuntu'
|
when:
|
||||||
|
- ansible_distribution == 'Ubuntu'
|
||||||
|
- manage_sources_apt_proxy | length > 0
|
||||||
|
|
||||||
- name: include Linux Mint tasks (determined by "ansible_distribution")
|
- name: include Linux Mint tasks (determined by "ansible_distribution")
|
||||||
include_tasks: mint.yml
|
include_tasks: mint.yml
|
||||||
when: ansible_distribution == 'Linux Mint'
|
when:
|
||||||
|
- ansible_distribution == 'Linux Mint'
|
||||||
|
- manage_sources_apt_proxy | length > 0
|
||||||
|
|
||||||
- name: include proxmox tasks (determined by group)
|
- name: include proxmox tasks (determined by group)
|
||||||
include_tasks: proxmox.yml
|
include_tasks: proxmox.yml
|
||||||
when: "'proxmox' in group_names"
|
when:
|
||||||
|
- "'proxmox' in group_names"
|
||||||
- name: update package lists # noqa 503 503
|
- manage_sources_apt_proxy | length > 0
|
||||||
become: yes
|
|
||||||
ansible.builtin.apt:
|
|
||||||
update_cache: yes
|
|
||||||
when: copy_src.changed
|
|
||||||
|
|
|
@ -5,5 +5,4 @@
|
||||||
src: apt.conf
|
src: apt.conf
|
||||||
dest: "{{ apt_proxy_apt_conf_path | default ('/etc/apt/apt.conf') }}"
|
dest: "{{ apt_proxy_apt_conf_path | default ('/etc/apt/apt.conf') }}"
|
||||||
backup: yes
|
backup: yes
|
||||||
register: copy_src
|
notify: update package lists
|
||||||
when: manage_sources_apt_proxy_server is defined
|
|
||||||
|
|
|
@ -5,8 +5,7 @@
|
||||||
src: apt.conf
|
src: apt.conf
|
||||||
dest: "{{ apt_proxy_apt_conf_path | default ('/etc/apt/apt.conf') }}"
|
dest: "{{ apt_proxy_apt_conf_path | default ('/etc/apt/apt.conf') }}"
|
||||||
backup: yes
|
backup: yes
|
||||||
register: copy_src
|
notify: update package lists
|
||||||
when: manage_sources_apt_proxy_server is defined
|
|
||||||
|
|
||||||
- name: remove enterprise-Repository
|
- name: remove enterprise-Repository
|
||||||
become: yes
|
become: yes
|
||||||
|
@ -24,7 +23,7 @@
|
||||||
ansible.builtin.apt_key:
|
ansible.builtin.apt_key:
|
||||||
url: "{{ manage_sources_apt_repo_key_url }}"
|
url: "{{ manage_sources_apt_repo_key_url }}"
|
||||||
state: present
|
state: present
|
||||||
register: copy_src
|
notify: update package lists
|
||||||
when: pve_no_subscription_repo_keys.stat.exists == false
|
when: pve_no_subscription_repo_keys.stat.exists == false
|
||||||
|
|
||||||
- name: add pve-no-subscription repo
|
- name: add pve-no-subscription repo
|
||||||
|
@ -34,4 +33,4 @@
|
||||||
state: present
|
state: present
|
||||||
filename: pve-no-subscription
|
filename: pve-no-subscription
|
||||||
update_cache: no
|
update_cache: no
|
||||||
register: copy_src
|
notify: update package lists
|
||||||
|
|
|
@ -5,5 +5,4 @@
|
||||||
src: apt.conf
|
src: apt.conf
|
||||||
dest: "{{ apt_proxy_apt_conf_path | default ('/etc/apt/apt.conf') }}"
|
dest: "{{ apt_proxy_apt_conf_path | default ('/etc/apt/apt.conf') }}"
|
||||||
backup: yes
|
backup: yes
|
||||||
register: copy_src
|
notify: update package lists
|
||||||
when: manage_sources_apt_proxy_server is defined
|
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
{{ file_header | default () }}
|
{{ file_header | default () }}
|
||||||
Acquire::http::proxy "http://{{ manage_sources_apt_proxy_server | default() }}:{{ manage_sources_apt_proxy_port | default() }}";
|
Acquire::http::proxy "http://{{ manage_sources_apt_proxy | default() }}";
|
||||||
Acquire::https::proxy "http://{{ manage_sources_apt_proxy_server | default() }}:{{ manage_sources_apt_proxy_port | default() }}";
|
Acquire::https::proxy "http://{{ manage_sources_apt_proxy | default() }}";
|
||||||
|
|
Loading…
Reference in a new issue