# Packages used by the tasks that follow: apache2 (HTTP front end), incron
# (runs the upload processor on file events) and reprepro (repository tool).
- name: 'install software needed for APT repository management'
  apt:
    name:
      - apache2
      - incron
      - reprepro
# Repository root: writable by the apt account only, readable and
# traversable by everyone else.
- name: 'create root directory for APT repository'
  file:
    path: /srv/apt
    state: directory
    owner: apt
    group: apt
    # Quoted so the mode is always read as an octal string.
    mode: '0755'
# Upload drop directory. Group-writable for the `incoming` group, so any
# member of that group can place files here.
# NOTE(review): membership of `incoming` is managed elsewhere; confirm it is
# limited to accounts that are meant to upload packages.
- name: 'create incoming directory for APT repository'
  file:
    path: /srv/apt/incoming
    state: directory
    owner: apt
    group: incoming
    mode: '0775'
# GnuPG home for the apt account; 0700 keeps the keyring private to that user.
- name: 'create .gnupg for apt user'
  file:
    path: /home/apt/.gnupg
    state: directory
    owner: apt
    group: apt
    mode: '0700'
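# The signing key pair is written to disk only so gpg can import it. The three
# steps are grouped in a block so the temporary files are removed even when
# the import fails; otherwise a failed run would leave the private key behind
# in /home/apt.
# NOTE(review): apt_signing_key is presumably supplied from an encrypted
# variable source; confirm it is not stored in plain text.
- block:
    - name: "install temporary copies of gpg keys for repository signing"
      copy:
        content: "{{ item.content }}"
        dest: "/home/apt/{{ item.name }}"
        owner: apt
        group: apt
        mode: "0600"
      with_items:
        - content: "{{ apt_signing_key }}"
          name: key
        - content: "{{ apt_signing_key_pub }}"
          name: key.pub
      # Loop results echo each item, and here an item carries the private key
      # text; no_log keeps it out of console output and logs.
      no_log: true

    - name: "import gpg keys for apt"
      shell: |
        cd /home/apt
        sudo -u apt gpg --import key key.pub
  always:
    # Runs whether or not the import succeeded.
    - name: "delete temporary copies of keys"
      file:
        dest: "/home/apt/{{ item }}"
        state: absent
      with_items:
        - key
        - key.pub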
# Adds the apt account to incron's allow list so it can install an incrontab.
- name: 'allow apt user to use incron'
  lineinfile:
    dest: /etc/incron.allow
    line: 'apt'
# reprepro configuration directory.
# NOTE(review): no owner, group or mode is given, so these come from the
# account and umask the play runs with; confirm that is intended.
- name: 'crate reprepro configuration directory'
  file:
    state: directory
    path: /srv/apt/conf
# Scratch directory under the repository root, writable by apt only.
- name: 'create reprepro temp directory'
  file:
    path: /srv/apt/tmp
    state: directory
    owner: apt
    group: apt
    mode: '0755'
# Renders the reprepro `distributions` file from its template.
# NOTE(review): owner and mode are not set here; the result depends on the
# account and umask the play runs with.
- name: 'configure reprepro distributions'
  template:
    dest: /srv/apt/conf/distributions
    src: distributions.j2
# Renders the reprepro `uploaders` file from its template.
# NOTE(review): this file presumably decides whose uploads are accepted, yet
# owner and mode are left to the running account and its umask; confirm that
# only the administering account can write it.
- name: 'configure reprepro uploaders'
  template:
    dest: /srv/apt/conf/uploaders
    src: uploaders.j2
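# Renders the reprepro `incoming` rule file from its template.
- name: "configure reprepro incoming"
  template:
    src: incoming.j2
    dest: /srv/apt/conf/incoming
    owner: apt
    group: incoming
    # Was 01777 (world-writable plus sticky bit), which suits a shared
    # directory, not a configuration file: any local account could rewrite the
    # rules for accepting uploads. The file only needs to be readable.
    mode: "0644"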
# Directory used as the web root; ownership and mode are left at defaults.
- name: 'create web root directory'
  file:
    path: /srv/http
    state: directory
# Installs the default Apache site definition, root-owned and read-only for
# other accounts, then asks the `restart apache2` handler to reload it.
- name: 'configure apache to server APT repository over http'
  template:
    dest: /etc/apache2/sites-enabled/000-default.conf
    src: 000-default.conf
    owner: root
    group: root
    mode: '0644'
  notify: restart apache2
# Script that incron runs for each completed upload.
# NOTE(review): the script is owned by apt and is writable by that account,
# which also holds the imported signing key; confirm the script treats file
# names and contents from the incoming directory as untrusted.
- name: 'install script to process uploads to APT'
  copy:
    dest: /home/apt/process-incoming
    src: process-incoming
    owner: apt
    group: apt
    mode: '0755'
# incron table for apt: run process-incoming whenever a file opened for
# writing in /srv/apt/incoming is closed.
- name: 'create incrontab for apt'
  copy:
    dest: /home/apt/incrontab
    owner: apt
    group: apt
    mode: '0644'
    content: |
      /srv/apt/incoming IN_CLOSE_WRITE /home/apt/process-incoming
# Loads the table written to /home/apt/incrontab as the apt account's incron
# table. The command has no change detection, so it runs on every play.
- name: 'set up incrontab for processing incoming uploads'
  shell: |
    sudo -u apt incrontab /home/apt/incrontab