diff options
author | Lars Wirzenius <liw@liw.fi> | 2017-10-13 20:29:24 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2017-10-13 20:29:24 +0300 |
commit | 1edcfd5114b4ba496cf36d031184c1ef83542f7e (patch) | |
tree | 95f09578af8efb89b564061b29c548ca2fa08604 /roles | |
parent | 4c19daa77936a25cbb94bbc6dd78794be7aa2e51 (diff) | |
download | debian-ansible-1edcfd5114b4ba496cf36d031184c1ef83542f7e.tar.gz |
Add: install signing key, keyring package via sources_lists
Diffstat (limited to 'roles')
-rw-r--r-- | roles/sane_debian_system/defaults/main.yml | 5 | ||||
-rw-r--r-- | roles/sane_debian_system/tasks/apt.yml | 11 |
2 files changed, 15 insertions, 1 deletions
diff --git a/roles/sane_debian_system/defaults/main.yml b/roles/sane_debian_system/defaults/main.yml index b804181..44b2b2c 100644 --- a/roles/sane_debian_system/defaults/main.yml +++ b/roles/sane_debian_system/defaults/main.yml @@ -14,7 +14,10 @@ debian_mirror: ftp.fi.debian.org # A list of extra APT repositories to add. Each list entry should be a # dict with the key "repo", which is the sources.list line to add. If -# list is empty (as it is by default), nothing extra is added. +# list is empty (as it is by default), nothing extra is added. Other +# keys are "signing_key", the public key of the archive signing key, +# and "keyring_packge", which contains the .deb package with the +# archive signing key. sources_lists: [] diff --git a/roles/sane_debian_system/tasks/apt.yml b/roles/sane_debian_system/tasks/apt.yml index d6ef838..9cbeca6 100644 --- a/roles/sane_debian_system/tasks/apt.yml +++ b/roles/sane_debian_system/tasks/apt.yml @@ -25,11 +25,22 @@ repo: "{{ item.repo }}" update_cache: no +- name: add archive signing keys + with_items: "{{ sources_lists }}" + apt_key: + data: "{{ item.signing_key }}" + state: present + - name: update package lists apt: update_cache: yes cache_valid_time: 0 +- name: add archive keyrings + with_items: "{{ sources_lists }}" + apt: + name: "{{ item.keyring_package }}" + - name: dist-upgrade so everything is up to date apt: upgrade: dist |