diff options
author | Lars Wirzenius <liw@liw.fi> | 2021-12-28 17:32:02 +0200 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2021-12-28 17:32:02 +0200 |
commit | 6e885e5cd79520e8e9bbb3a7b8f7dca118b17979 (patch) | |
tree | 7a925ab6c65605b9d5aa7261e6b0ecc7b5ee9e76 /roles | |
parent | e52e8db319d5683e90e7e0116b995e65392cfefc (diff) | |
download | debian-ansible-6e885e5cd79520e8e9bbb3a7b8f7dca118b17979.tar.gz |
sane_debian_system: avoid apt-key for adding repository signing keys
Debian has decided to deprecate apt-key, though I can't find out why.
Sponsored-by: author
Diffstat (limited to 'roles')
-rw-r--r-- | roles/sane_debian_system/tasks/apt.yml | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/roles/sane_debian_system/tasks/apt.yml b/roles/sane_debian_system/tasks/apt.yml index 13937c9..3f1fd5e 100644 --- a/roles/sane_debian_system/tasks/apt.yml +++ b/roles/sane_debian_system/tasks/apt.yml @@ -39,23 +39,27 @@ src: sources.list.j2 dest: /etc/apt/sources.list -- name: additional sources.list.d/* - with_items: "{{ sane_debian_system_sources_lists }}" - apt_repository: - repo: "{{ item.repo }}" - update_cache: no +- name: "update package lists" + apt: + update_cache: yes - name: install necessary tools apt: name: - sudo - - gpg + +- name: additional sources.list.d/* + with_items: "{{ sane_debian_system_sources_lists }}" + apt_repository: + repo: "{{ item.repo }}" + update_cache: no - name: add archive signing keys with_items: "{{ sane_debian_system_sources_lists }}" - apt_key: - data: "{{ item.signing_key }}" - state: present + shell: | + key="{{ item.signing_key }}" + sum="$(echo -n "$key" | sha1sum | awk '{ print $1 }')" + echo "$key" > "/etc/apt/trusted.gpg.d/$sum.asc" when: item.signing_key is defined # Use shell to run apt-get to update package lists so that we can pass |