# Packages for the repository host: apache2 serves the archive, incron
# triggers upload processing, and reprepro manages the repository itself.
- name: "install software needed for APT repository management"
  apt:
    state: present
    name:
      - apache2
      - incron
      - reprepro
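# Repository root, owned by the dedicated apt account and not writable by
# anyone else.
- name: "create root directory for APT repository"
  file:
    path: /srv/apt
    state: directory
    owner: apt
    group: apt
    # Quoted so the module receives the octal string instead of relying on
    # YAML 1.1 integer typing of a leading-zero literal.
    mode: "0755"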
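# Upload drop directory: writable by its owner and by members of the
# `incoming` group, read-only for everyone else. The incron rule installed
# later in this file runs the processing script for every file closed after
# writing here, so the contents should be treated as untrusted input.
# NOTE(review): membership of `incoming` decides who can trigger processing;
# confirm it is limited to the intended uploaders.
- name: "create incoming directory for APT repository"
  file:
    path: /srv/apt/incoming
    state: directory
    owner: apt
    group: incoming
    # Quoted so the module receives the octal string, not a YAML integer.
    mode: "0775"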
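# GnuPG home for the apt user. 0700 keeps the keyring, which will hold the
# repository signing key, unreadable to every other account.
- name: "create .gnupg for apt user"
  file:
    path: /home/apt/.gnupg
    state: directory
    owner: apt
    group: apt
    # Quoted so the module receives the octal string, not a YAML integer.
    mode: "0700"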
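# Stage the signing key pair on disk only long enough to import it into the
# apt user's GnuPG keyring. Staging and import run inside `block` and the
# cleanup runs under `always`, so a failed import cannot leave the private
# key behind in /home/apt.
# NOTE(review): apt_signing_key and apt_signing_key_pub are defined outside
# this file; confirm the private key is stored encrypted (e.g. Ansible Vault).
- name: "import repository signing keys into the apt user's keyring"
  block:
    - name: "install temporary copies of gpg keys for repository signing"
      copy:
        content: "{{ item.content }}"
        dest: "/home/apt/{{ item.name }}"
        owner: apt
        group: apt
        # Owner-only access while the private key sits on disk.
        mode: "0600"
      # The loop items carry the private key; without no_log the key material
      # is echoed in the per-item task output and in diff mode.
      no_log: true
      with_items:
        - content: "{{ apt_signing_key }}"
          name: key
        - content: "{{ apt_signing_key_pub }}"
          name: key.pub

    # Runs on every play; gpg is invoked as the apt user so the keys land in
    # /home/apt/.gnupg rather than in root's keyring.
    - name: "import gpg keys for apt"
      shell: |
        cd /home/apt
        sudo -u apt gpg --import key key.pub
  always:
    # Executed whether or not the tasks above succeeded.
    - name: "delete temporary copies of keys"
      file:
        path: "/home/apt/{{ item }}"
        state: absent
      with_items:
        - key
        - key.pub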
# incron restricts use to the accounts listed in /etc/incron.allow when that
# file exists, so the apt user is added before its table is installed.
- name: "allow apt user to use incron"
  lineinfile:
    dest: /etc/incron.allow
    line: apt
    state: present
# Directory that holds the reprepro configuration files templated below.
# NOTE(review): no owner, group or mode is set, so the result depends on the
# account and umask Ansible runs with; confirm conf/ ends up writable only by
# trusted accounts, since its files decide what the repository accepts.
- name: "crate reprepro configuration directory"
  file:
    state: directory
    path: /srv/apt/conf
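# Scratch directory for reprepro, owned by the apt account.
- name: "create reprepro temp directory"
  file:
    path: /srv/apt/tmp
    state: directory
    owner: apt
    group: apt
    # Quoted so the module receives the octal string, not a YAML integer.
    mode: "0755"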
# Renders distributions.j2 (not shown here) into reprepro's conf directory.
# NOTE(review): owner and mode are left to the module defaults; confirm the
# rendered file is not writable by unprivileged accounts.
- name: "configure reprepro distributions"
  template:
    dest: /srv/apt/conf/distributions
    src: distributions.j2
# Renders uploaders.j2 (not shown here) into reprepro's conf directory.
# NOTE(review): this file presumably decides whose uploads are accepted;
# owner and mode are left to the module defaults, so confirm it cannot be
# modified by unprivileged accounts.
- name: "configure reprepro uploaders"
  template:
    dest: /srv/apt/conf/uploaders
    src: uploaders.j2
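# Renders incoming.j2 (not shown here) into reprepro's conf directory.
- name: "configure reprepro incoming"
  template:
    src: incoming.j2
    dest: /srv/apt/conf/incoming
    owner: apt
    group: incoming
    # Was 01777 (sticky, world-writable), which let any local account rewrite
    # this reprepro configuration file. The file is managed by this template,
    # so only its owner needs write access.
    # NOTE(review): if members of `incoming` are meant to edit it, use "0664"
    # rather than restoring world-write.
    mode: "0644"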
# Web root that receives the index page installed by the next task.
# NOTE(review): owner and mode are left to the module defaults.
- name: "create web root directory"
  file:
    path: /srv/http
    state: directory
# Writes the value of apt_index_content (defined outside this file) as the
# landing page.
# NOTE(review): the value is written as-is into an HTML file; confirm it only
# ever comes from trusted inventory or vars.
- name: "install an index page in the web root directory"
  copy:
    dest: /srv/http/index.html
    content: |
      {{ apt_index_content }}
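# Replaces the default vhost in sites-enabled with the project's template and
# asks the `restart apache2` handler (defined outside this file) to apply it.
# NOTE(review): the repository is served over plain http, so clients depend
# on the repository signature, not on the transport, for integrity.
- name: "configure apache to server APT repository over http"
  template:
    src: 000-default.conf
    dest: /etc/apache2/sites-enabled/000-default.conf
    owner: root
    group: root
    # Quoted so the module receives the octal string, not a YAML integer.
    mode: "0644"
  notify: restart apache2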
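# Installs the handler that the apt user's incron table runs for uploads.
# The script itself is not part of this file.
# NOTE(review): the script is owned by, and therefore writable by, the same
# account that executes it; root ownership would keep a compromised apt
# account from altering it. Confirm nothing relies on apt editing the script.
- name: "install script to process uploads to APT"
  copy:
    src: process-incoming
    dest: /home/apt/process-incoming
    owner: apt
    group: apt
    # Quoted so the module receives the octal string, not a YAML integer.
    mode: "0755"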
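# incron table source for the apt user: every file closed after writing in
# /srv/apt/incoming starts /home/apt/process-incoming.
- name: "create incrontab for apt"
  copy:
    content: |
      /srv/apt/incoming IN_CLOSE_WRITE /home/apt/process-incoming
    dest: /home/apt/incrontab
    owner: apt
    group: apt
    # Quoted so the module receives the octal string, not a YAML integer.
    mode: "0644"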
# Loads the table written above into incron as the apt user, so the upload
# handler runs with that account's privileges. The command runs on every play.
- name: "set up incrontab for processing incoming uploads"
  shell: |
    sudo -u apt incrontab /home/apt/incrontab