diff --git a/defaults/main.yml b/defaults/main.yml index c6c4b28..a5b39d1 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -5,5 +5,15 @@ apt_distribution_name: debian apt_distribution_release: bullseye apt_distribution_sections: main +apt_repositories: [] +# Exemple: +# - name: incus +# key: https://pkgs.zabbly.com/key.asc +# url: https://pkgs.zabbly.com/incus/stable +# distribution_release: bookworm +# distribution_section: main + apt_remove: [] apt_install: [] + +apt_full_upgrade: false diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..5439909 --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,7 @@ +--- +# handlers file for apt + +- name: Mettre à jour le cache + ansible.builtin.apt: + update_cache: true + become: true diff --git a/tasks/configuration.yml b/tasks/configuration.yml new file mode 100644 index 0000000..a885656 --- /dev/null +++ b/tasks/configuration.yml @@ -0,0 +1,22 @@ +--- +# tasks file for apt + +- name: Déployer la configuration du gestionnaire + ansible.builtin.template: + src: apt.conf.j2 + dest: /etc/apt/apt.conf.d/99-custom + owner: root + group: root + mode: u=rw,g=r,o=r + become: true + notify: Mettre à jour le cache + +- name: Déployer la configuration des sources + ansible.builtin.template: + src: "{{ apt_distribution_name }}-{{ apt_distribution_release }}.list.j2" + dest: /etc/apt/sources.list + owner: root + group: root + mode: u=rw,g=r,o=r + become: true + notify: Mettre à jour le cache diff --git a/tasks/gestion.yml b/tasks/gestion.yml new file mode 100644 index 0000000..0b277b3 --- /dev/null +++ b/tasks/gestion.yml @@ -0,0 +1,37 @@ +--- +# tasks file for apt + +- name: Construire la liste des paquets à désinstaller + ansible.builtin.set_fact: + apt_remove: "{{ apt_remove + specific }}" + when: specific | length > 0 + loop: "{{ lookup('ansible.builtin.varnames', '^apt_remove_.+', wantlist=True) }}" + vars: + specific: "{{ lookup('ansible.builtin.vars', item, default='') }}" + +- name: Désinstaller des paquets + ansible.builtin.apt: + state: absent + purge: true + autoremove: true + name: "{{ apt_remove }}" + become: true + +- name: Mettre à jour la distribution + become: true + ansible.builtin.apt: + upgrade: dist + when: apt_full_upgrade + +- name: Construire la liste des paquets à installer + ansible.builtin.set_fact: + apt_install: "{{ apt_install + specific }}" + when: specific | length > 0 + loop: "{{ lookup('ansible.builtin.varnames', '^apt_install_.+', wantlist=True) }}" + vars: + specific: "{{ lookup('ansible.builtin.vars', item, default='') }}" + +- name: Installer des paquets + ansible.builtin.apt: + name: "{{ apt_install }}" + become: true diff --git a/tasks/main.yml b/tasks/main.yml index a089c28..12e21c8 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,65 +1,18 @@ --- # tasks file for apt -- name: Déployer la configuration du gestionnaire - ansible.builtin.template: - src: apt.conf.j2 - dest: /etc/apt/apt.conf.d/99-custom - owner: root - group: root - mode: u=rw,g=r,o=r - become: true +- name: Importer les tâches de configuration + ansible.builtin.import_tasks: + file: configuration.yml -- name: Déployer la configuration des sources - ansible.builtin.template: - src: "{{ apt_distribution_name }}-{{ apt_distribution_release }}.list.j2" - dest: /etc/apt/sources.list - owner: root - group: root - mode: u=rw,g=r,o=r - become: true +- name: Importer les tâches d'ajout de dépôts tiers + ansible.builtin.import_tasks: + file: repositories.yml + when: apt_repositories | length > 0 -- name: Mettre à jour le cache - ansible.builtin.apt: - name: sudo - become: true +- name: Exécuter les handlers + meta: flush_handlers -- name: Installer sudo - ansible.builtin.apt: - name: sudo - become: true - -- name: Construire la liste des paquets à désinstaller - ansible.builtin.set_fact: - apt_remove: "{{ apt_remove + specific }}" - when: specific | length > 0 - loop: "{{ lookup('ansible.builtin.varnames', '^apt_remove_.+', wantlist=True) }}" - vars: - specific: "{{ lookup('ansible.builtin.vars', item, default='') }}" - -- name: Désinstaller des paquets - ansible.builtin.apt: - state: absent - purge: true - autoremove: true - name: "{{ apt_remove }}" - become: true - -- name: Mettre à jour la distribution - become: true - ansible.builtin.apt: - update_cache: true - upgrade: dist - -- name: Construire la liste des paquets à installer - ansible.builtin.set_fact: - apt_install: "{{ apt_install + specific }}" - when: specific | length > 0 - loop: "{{ lookup('ansible.builtin.varnames', '^apt_install_.+', wantlist=True) }}" - vars: - specific: "{{ lookup('ansible.builtin.vars', item, default='') }}" - -- name: Installer des paquets - ansible.builtin.apt: - name: "{{ apt_install }}" - become: true +- name: Importer les tâches de gestion de paquets + ansible.builtin.import_tasks: + file: gestion.yml diff --git a/tasks/repositories.yml b/tasks/repositories.yml new file mode 100644 index 0000000..aa40b49 --- /dev/null +++ b/tasks/repositories.yml @@ -0,0 +1,26 @@ +--- +# tasks file for apt + +- name: Télécharger la clef du dépôt + ansible.builtin.get_url: + url: "{{ item.key }}" + dest: "/etc/apt/keyrings/{{ item.name }}.asc" + mode: u=rw,g=r,o=r + become: true + loop: "{{ apt_repositories }}" + loop_control: + label: "{{ item.name }}" + notify: Mettre à jour le cache + +- name: Ajouter le dépôt + ansible.builtin.template: + src: repository.list.j2 + dest: /etc/apt/sources.list.d/{{ item.name }}.list + owner: root + group: root + mode: u=rw,g=r,o=r + become: true + loop: "{{ apt_repositories }}" + loop_control: + label: "{{ item.name }}" + notify: Mettre à jour le cache diff --git a/templates/repository.list.j2 b/templates/repository.list.j2 new file mode 100644 index 0000000..c77d276 --- /dev/null +++ b/templates/repository.list.j2 @@ -0,0 +1,3 @@ +# {{ ansible_managed }} + +deb [signed-by=/etc/apt/keyrings/{{ item.name }}.asc] {{ item.url }} {{ item.distribution_release }} {{ item.distribution_section }}