blob: b6779fdc302349d4a0f21ec67bf08db58317fab7 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
- name: Set up repository
become: true
vars:
# For some reason, if the key is in a weird format that requires
# running `gpg --dearmor`, you must save it with the .gpg extension
# instead of .asc. You can then completely skip the gpg step. Source:
# https://stackoverflow.com/q/71585303/514684
key_path: '{{ apt_repo_keys_dir }}/{{ apt_repo_name }}{{ apt_repo_key_dearmor | ternary(".gpg", ".asc") }}'
block:
- name: Create keys directory
ansible.builtin.file:
path: '{{ apt_repo_keys_dir }}'
mode: '755'
state: directory
- name: 'Add key: {{ apt_repo_name }}'
ansible.builtin.get_url:
url: '{{ apt_repo_key_url }}'
dest: '{{ key_path }}'
mode: '644'
- name: Get host distro
ansible.builtin.setup:
gather_subset: [distribution_release]
# Not using the apt_repository module, since it _adds_ a new repository
# in the .list file. That way, we can end up with an invalid repository
# line.
- name: 'Add repository: {{ apt_repo_name }}'
ansible.builtin.template:
src: repo.list.j2
dest: '/etc/apt/sources.list.d/{{ apt_repo_name }}.list'
owner: root
group: root
mode: '644'
register: repo_file
- name: Refresh apt repositories
ansible.builtin.apt:
update_cache: true
when: repo_file.changed
|