summaryrefslogtreecommitdiff
path: root/roles/sane_debian_system/tasks/apt.yml
blob: 21eea70d4816d4e006bf854a6d5f84486448a2c7 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
# Safety check: make sure debian_codename is set.
- name: check that sane_debian_system_codename is set
  shell: |
    if [ "{{ sane_debian_system_codename }}" = "" ]
    then
        echo "You MUST set sane_debian_system_codename" 1>&2
        exit 1
    fi


# First update package lists. The ones that come with the image may be
# badly out of date.
#
# Ignore any error here so that later tasks can fix things such as a badly
# formed sources.list.
- name: update package lists
  ignore_errors: yes
  apt:
    update_cache: yes
    cache_valid_time: 0

- name: install sudo
  apt:
    name: sudo

# Now install https transport for APT. This is installed before
# changing sources lists, so that if they happen to use https URLs apt
# will still work. apt-transport-https is in the main Debian archive,
# and we assume those are in the sources.list that come with the
# image.
#
# Ignore any error here so that later tasks can fix things such as a badly
# formed sources.list.
- name: install apt-transport-https
  ignore_errors: yes
  apt:
    name: apt-transport-https

- name: configure main sources.list
  template:
    src: sources.list.j2
    dest: /etc/apt/sources.list

- name: additional sources.list.d/*
  with_items: "{{ sane_debian_system_sources_lists }}"
  apt_repository:
    repo: "{{ item.repo }}"
    update_cache: no

- name: add archive signing keys
  with_items: "{{ sane_debian_system_sources_lists }}"
  apt_key:
    data: "{{ item.signing_key }}"
    state: present
  when: item.signing_key is defined

- name: update package lists
  apt:
    update_cache: yes
    cache_valid_time: 0

- name: add archive keyrings
  with_items: "{{ sane_debian_system_sources_lists }}"
  apt:
    name: "{{ item.keyring_package }}"
  when: item.keyring_package is defined

- name: dist-upgrade so everything is up to date
  apt:
    upgrade: dist