diff options
Diffstat (limited to 'ansible/roles/apt-repository/tasks/main.yml')
-rw-r--r-- | ansible/roles/apt-repository/tasks/main.yml | 124 |
1 files changed, 124 insertions, 0 deletions
diff --git a/ansible/roles/apt-repository/tasks/main.yml b/ansible/roles/apt-repository/tasks/main.yml new file mode 100644 index 0000000..d9c2ac2 --- /dev/null +++ b/ansible/roles/apt-repository/tasks/main.yml @@ -0,0 +1,124 @@ +- name: "install software needed for APT repository management" + apt: + name: + - apache2 + - incron + - reprepro + +- name: "create root directory for APT repository" + file: + state: directory + path: /srv/apt + owner: apt + group: apt + mode: 0755 + +- name: "create incoming directory for APT repository" + file: + state: directory + path: /srv/apt/incoming + owner: apt + group: incoming + mode: 0775 + +- name: "create .gnupg for apt user" + file: + state: directory + dest: /home/apt/.gnupg + owner: apt + group: apt + mode: 0700 + +- name: "install temporary copies of gpg keys for repository signing" + copy: + content: "{{ item.content }}" + dest: "/home/apt/{{ item.name }}" + owner: apt + group: apt + mode: 0600 + with_items: + - content: "{{ apt_signing_key }}" + name: key + - content: "{{ apt_signing_key_pub }}" + name: key.pub + +- name: "import gpg keys for apt" + shell: | + cd /home/apt + sudo -u apt gpg --import key key.pub + +- name: "delete temporary copies of keys" + file: + dest: "/home/apt/{{ item }}" + state: absent + with_items: + - key + - key.pub + +- name: "allow apt user to use incron" + lineinfile: + dest: /etc/incron.allow + line: apt + +- name: "crate reprepro configuration directory" + file: + path: /srv/apt/conf + state: directory + +- name: "create reprepro temp directory" + file: + state: directory + dest: /srv/apt/tmp + owner: apt + group: apt + mode: 0755 + +- name: "configure reprepro distributions" + template: + src: distributions.j2 + dest: /srv/apt/conf/distributions + +- name: "configure reprepro uploaders" + template: + src: uploaders.j2 + dest: /srv/apt/conf/uploaders + +- name: "configure reprepro incoming" + template: + src: incoming.j2 + dest: /srv/apt/conf/incoming + owner: apt + group: incoming + mode: 01777 + +- name: "create web root directory" + file: + state: directory + path: /srv/http + +- name: "configure apache to server APT repository over http" + template: + src: 000-default.conf + dest: /etc/apache2/sites-enabled/000-default.conf + owner: root + group: root + mode: 0644 + notify: restart apache2 + +- name: "install script to process uploads to APT" + copy: + src: process-incoming + dest: /srv/apt/process-incoming + owner: apt + group: apt + mode: 0755 + +- name: "create incrontab for apt" + copy: + content: | + /srv/apt/incoming IN_CLOSE_WRITE /srv/apt/process-incoming + dest: /srv/apt/incrontab + +# - name: "set up incrontab for processing incoming uploads" +# shell: | +# sudo -u apt incrontab /srv/apt/incrontab |