diff options
Diffstat (limited to 'ansible/aptrepo.yml')
-rw-r--r-- | ansible/aptrepo.yml | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/ansible/aptrepo.yml b/ansible/aptrepo.yml new file mode 100644 index 0000000..c671752 --- /dev/null +++ b/ansible/aptrepo.yml @@ -0,0 +1,44 @@ +- hosts: aptrepo + remote_user: debian + become: yes + roles: + - role: sane_debian_system + - role: sshd + - role: unix_users + - role: apt-repository + vars: + ansible_python_interpreter: python3 + + sane_debian_system_version: 2 + sane_debian_system_hostname: "{{ inventory_hostname }}" + sane_debian_system_codename: bookworm + + timezone: Europe/Helsinki + + unix_users_version: 2 + unix_users: + - username: apt + comment: Owner of APT repository + - username: incoming + comment: APT incoming packages + authorized_keys: | + {{ apt_uploader_ssh_pub_keys }} + - username: liw + comment: Lars Wirzenius + sudo: yes + + sshd_version: 1 + + apt_uploader_ssh_pub_keys: | + ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPQe6lsTapAxiwhhEeE/ixuK+5N8esCsMWoekQqjtxjP + apt_admin_email: liw@liw.fi + apt_domain: aptrepo + apt_distributions: + - codename: unstable + description: Release packages for unstable + - codename: unstable-ci + description: CI builds for unstable + apt_signing_key: "{{ lookup('pipe', 'pass show ick2/apt_key') }}" + apt_signing_key_pub: "{{ lookup('pipe', 'pass show ick2/apt_key.pub') }}" + apt_signing_key_fingerprint: | + {{ lookup('pipe', 'pass show ick2/apt_key.pub | gpg --show-keys --with-colons | grep "^fpr:" | cut -d: -f10') }} |