blob: ef34bf51a63f40cec1b7e48b9cb36f5f71b620bc (
plain) (
tree)
|
|
- name: Set up repository
become: true
vars:
# For some reason, if the key is in a weird format that requires
# running `gpg --dearmor`, you must save it with the .gpg extension
# instead of .asc. You can then completely skip the gpg step. Source:
# https://stackoverflow.com/q/71585303/514684
key_path: '{{ apt_repo_keys_dir }}/{{ apt_repo_name }}{{ apt_repo_key_dearmor | ternary(".gpg", ".asc") }}'
block:
- name: Create keys directory
ansible.builtin.file:
path: '{{ apt_repo_keys_dir }}'
state: directory
owner: root
group: root
mode: '755'
- name: 'Add key: {{ apt_repo_name }}'
ansible.builtin.get_url:
url: '{{ apt_repo_key_url }}'
dest: '{{ key_path }}'
owner: root
group: root
mode: '644'
notify: apt_repo_update
- name: Get host distro
ansible.builtin.setup:
gather_subset: [distribution_release]
# Not using the apt_repository module, since it _adds_ a new repository
# in the .list file. That way, we can end up with an invalid repository
# line.
- name: 'Add repository: {{ apt_repo_name }}'
ansible.builtin.template:
src: repo.list.j2
dest: '/etc/apt/sources.list.d/{{ apt_repo_name }}.list'
owner: root
group: root
mode: '644'
notify: apt_repo_update
- name: Refresh apt repositories if necessary
ansible.builtin.meta: flush_handlers
|
