summaryrefslogtreecommitdiff
path: root/ansible/roles/apt-repository/tasks/main.yml
diff options
context:
space:
mode:
Diffstat (limited to 'ansible/roles/apt-repository/tasks/main.yml')
-rw-r--r--ansible/roles/apt-repository/tasks/main.yml133
1 files changed, 133 insertions, 0 deletions
diff --git a/ansible/roles/apt-repository/tasks/main.yml b/ansible/roles/apt-repository/tasks/main.yml
new file mode 100644
index 0000000..6bf8412
--- /dev/null
+++ b/ansible/roles/apt-repository/tasks/main.yml
@@ -0,0 +1,133 @@
+- name: "install software needed for APT repository management"
+ apt:
+ name:
+ - apache2
+ - incron
+ - reprepro
+
+- name: "create root directory for APT repository"
+ file:
+ state: directory
+ path: /srv/apt
+ owner: apt
+ group: apt
+ mode: 0755
+
+- name: "create incoming directory for APT repository"
+ file:
+ state: directory
+ path: /srv/apt/incoming
+ owner: apt
+ group: incoming
+ mode: 0775
+
+- name: "create .gnupg for apt user"
+ file:
+ state: directory
+ dest: /home/apt/.gnupg
+ owner: apt
+ group: apt
+ mode: 0700
+
+- name: "install temporary copies of gpg keys for repository signing"
+ copy:
+ content: "{{ item.content }}"
+ dest: "/home/apt/{{ item.name }}"
+ owner: apt
+ group: apt
+ mode: 0600
+ with_items:
+ - content: "{{ apt_signing_key }}"
+ name: key
+ - content: "{{ apt_signing_key_pub }}"
+ name: key.pub
+
+- name: "import gpg keys for apt"
+ shell: |
+ cd /home/apt
+ sudo -u apt gpg --import key key.pub
+
+- name: "delete temporary copies of keys"
+ file:
+ dest: "/home/apt/{{ item }}"
+ state: absent
+ with_items:
+ - key
+ - key.pub
+
+- name: "allow apt user to use incron"
+ lineinfile:
+ dest: /etc/incron.allow
+ line: apt
+
+- name: "crate reprepro configuration directory"
+ file:
+ path: /srv/apt/conf
+ state: directory
+
+- name: "create reprepro temp directory"
+ file:
+ state: directory
+ dest: /srv/apt/tmp
+ owner: apt
+ group: apt
+ mode: 0755
+
+- name: "configure reprepro distributions"
+ template:
+ src: distributions.j2
+ dest: /srv/apt/conf/distributions
+
+- name: "configure reprepro uploaders"
+ template:
+ src: uploaders.j2
+ dest: /srv/apt/conf/uploaders
+
+- name: "configure reprepro incoming"
+ template:
+ src: incoming.j2
+ dest: /srv/apt/conf/incoming
+ owner: apt
+ group: incoming
+ mode: 01777
+
+- name: "create web root directory"
+ file:
+ state: directory
+ path: /srv/http
+
+- name: "install an index page in the web root directory"
+ copy:
+ content: |
+ {{ apt_index_content }}
+ dest: /srv/http/index.html
+
+- name: "configure apache to server APT repository over http"
+ template:
+ src: 000-default.conf
+ dest: /etc/apache2/sites-enabled/000-default.conf
+ owner: root
+ group: root
+ mode: 0644
+ notify: restart apache2
+
+- name: "install script to process uploads to APT"
+ copy:
+ src: process-incoming
+ dest: /home/apt/process-incoming
+ owner: apt
+ group: apt
+ mode: 0755
+
+- name: "create incrontab for apt"
+ copy:
+ content: |
+ /srv/apt/incoming IN_CLOSE_WRITE /home/apt/process-incoming
+ dest: /home/apt/incrontab
+ owner: apt
+ group: apt
+ mode: 0644
+
+- name: "set up incrontab for processing incoming uploads"
+ shell: |
+ sudo -u apt incrontab /home/apt/incrontab
generated by cgit v1.2.1 (git 2.18.0) at 2024-04-27 21:07:04 +0000