diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a83ae29..1d2cd54 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -47,11 +47,9 @@ jobs: - distro: debian10 - distro: debian11 - distro: debian12 - - distro: ubuntu1604 - ansible-version: '>=2.10, <2.11' - - distro: ubuntu1604 - distro: ubuntu1804 - distro: ubuntu2004 + - distro: ubuntu2204 steps: - name: Check out the codebase @@ -65,8 +63,8 @@ jobs: python-version: '3.x' - name: Install test dependencies - run: pip install 'ansible${{ matrix.ansible-version }}' molecule[docker] docker - + run: | + pip install 'ansible${{ matrix.ansible-version }}' molecule-plugins[docker] docker - name: Run Molecule tests run: | molecule test diff --git a/README.md b/README.md index 7984ae6..229903a 100644 --- a/README.md +++ b/README.md @@ -12,33 +12,33 @@ Manage packages and up(date|grade)s in Debian-like systems. #### Variables -* `apt_manage_sources_list`: [default: `false`]: Whether or not to manage `/etc/apt/sources.list` +* `apt_manage_sources_list`: [default: `false`]: Whether to manage `/etc/apt/sources.list` * `apt_ubuntu_mirror`: [default: `mirror://mirrors.ubuntu.com/mirrors.txt`]: The mirror to use -* `apt_ubuntu_security_mirror`: [default: `http://security.ubuntu.com/ubuntu`]: The security-mirror to use -* `apt_src_enable`: [default: `true`]: Whether or not to enable source code repositories -* `apt_backports_enable`: [default: `true`]: Whether or not to enable the `backports` repository -* `apt_ubuntu_universe_enable`: [default: `true`]: Whether or not to enable the `universe` repository -* `apt_ubuntu_multiverse_enable`: [default: `true`]: Whether or not to enable the `multiverse` repository -* `apt_ubuntu_backports_enable`: [default: `true`]: Whether or not to enable the `backports` repository [deprecated in favour of `apt_backports_enable`] -* `apt_ubuntu_partner_enable`: [default: `false`]: Whether or not to enable the `partner` repository -* `apt_ubuntu_extras_enable`: [default: `false`]: Whether or not to enable the `extras` repository (only applies to < 16.04) -* `apt_debian_mirror`: [default: `http://deb.debian.org/debian/`]: The mirror to use -* `apt_debian_security_mirror`: [default: `http://security.debian.org/`]: The security-mirror to use -* `apt_debian_contrib_nonfree_enable`: [default: `false`]: Whether or not to enable the `contrib` `non-free` repository +* `apt_ubuntu_security_mirror`: [default: `https://security.ubuntu.com/ubuntu`]: The security-mirror to use +* `apt_src_enable`: [default: `true`]: Whether to enable source code repositories +* `apt_backports_enable`: [default: `true`]: Whether to enable the `backports` repository +* `apt_ubuntu_universe_enable`: [default: `true`]: Whether to enable the `universe` repository +* `apt_ubuntu_multiverse_enable`: [default: `true`]: Whether to enable the `multiverse` repository +* `apt_ubuntu_backports_enable`: [default: `true`]: Whether to enable the `backports` repository [deprecated in favour of `apt_backports_enable`] +* `apt_ubuntu_partner_enable`: [default: `false`]: Whether to enable the `partner` repository +* `apt_ubuntu_extras_enable`: [default: `false`]: Whether to enable the `extras` repository (only applies to < 16.04) +* `apt_debian_mirror`: [default: `https://deb.debian.org/debian/`]: The mirror to use +* `apt_debian_security_mirror`: [default: `https://security.debian.org/`]: The security-mirror to use +* `apt_debian_contrib_nonfree_enable`: [default: `false`]: Whether to enable the `contrib` `non-free` `non-free-firmware` repository * `apt_dependencies`: [default: `[python3-apt, aptitude]`]: General dependencies for apt modules to work -* `apt_update`: [default: `true`]: Whether or not to update +* `apt_update`: [default: `true`]: Whether to update * `apt_update_cache_valid_time`: [default: `3600`]: Number of seconds the apt cache stays valid -* `apt_upgrade`: [default: `true`]: Whether or not to upgrade +* `apt_upgrade`: [default: `true`]: Whether to upgrade * `apt_upgrade_type`: [default: `dist`]: If yes or safe, performs an aptitude safe-upgrade. If full, performs an aptitude full-upgrade. If dist, performs an apt-get dist-upgrade * `apt_upgrade_dpkg_options`: [default: `['force-confdef', 'force-confold']`]: Add `dpkg` options to `apt` command -* `apt_clean`: [default: `true`]: Whether or not to clean -* `apt_dpkg_configure`: [default: `false`]: Whether or not to run `dpkg --configure -a` -* `apt_autoremove`: [default: `true`]: Whether or not to autoremove +* `apt_clean`: [default: `true`]: Whether to clean +* `apt_dpkg_configure`: [default: `false`]: Whether to run `dpkg --configure -a` +* `apt_autoremove`: [default: `true`]: Whether to autoremove * `apt_install`: [default: `[]`]: Packages to install * `apt_install_state`: [default: `latest`]: State of packages to install (e.g. `present`) * `apt_remove`: [default: `[]`]: Packages to remove -* `apt_remove_purge`: [default: `false`]: Whether or not to purge +* `apt_remove_purge`: [default: `false`]: Whether to purge * `apt_etc_apt_apt_conf`: [default: `[]`]: List of lines to be added to `/etc/apt/apt.conf` * `apt_etc_apt_apt_conf_d_files_absent`: [default: `[]`]: List of files to be removed from `/etc/apt/apt.conf.d` diff --git a/Vagrantfile b/Vagrantfile index 7f58430..ac8fe7e 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -4,13 +4,6 @@ role = File.basename(File.expand_path(File.dirname(__FILE__))) boxes = [ - { - :name => "ubuntu-1604", - :box => "bento/ubuntu-16.04", - :ip => '10.0.0.12', - :cpu => "50", - :ram => "256" - }, { :name => "ubuntu-1804", :box => "bento/ubuntu-18.04", @@ -23,7 +16,14 @@ boxes = [ :box => "bento/ubuntu-20.04", :ip => '10.0.0.14', :cpu => "50", - :ram => "384" + :ram => "512" + }, + { + :name => "ubuntu-2204", + :box => "bento/ubuntu-22.04", + :ip => '10.0.0.15', + :cpu => "50", + :ram => "512" }, { :name => "debian-10", @@ -44,7 +44,7 @@ boxes = [ :box => "bento/debian-12", :ip => '10.0.0.20', :cpu => "50", - :ram => "256" + :ram => "384" }, ] diff --git a/defaults/main.yml b/defaults/main.yml index ce8274e..9f105c7 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -14,8 +14,8 @@ apt_ubuntu_backports_enable: true apt_ubuntu_partner_enable: false apt_ubuntu_extras_enable: false # Debian specific -apt_debian_mirror: http://deb.debian.org/debian/ -apt_debian_security_mirror: "{{ (ansible_distribution == 'Debian' and ansible_distribution_major_version is version('10', '<=')) | ternary('http://security.debian.org/', 'http://security.debian.org/debian-security') }}" +apt_debian_mirror: https://deb.debian.org/debian/ +apt_debian_security_mirror: "{{ (ansible_distribution == 'Debian' and ansible_distribution_major_version is version('10', '<=')) | ternary('https://security.debian.org/', 'https://security.debian.org/debian-security') }}" apt_debian_contrib_nonfree_enable: false apt_dependencies: diff --git a/meta/main.yml b/meta/main.yml index 4d55d29..2252d07 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -10,9 +10,9 @@ galaxy_info: platforms: - name: Ubuntu versions: - - xenial - bionic - focal + - jammy - name: Debian versions: - buster diff --git a/molecule/default/collections.yml b/molecule/default/collections.yml index c3d7e2a..1062b36 100644 --- a/molecule/default/collections.yml +++ b/molecule/default/collections.yml @@ -1,6 +1,2 @@ --- -collections: - - name: community.docker - version: '>=1.2.0,<2' - - name: community.general - version: '>=2,<3' +collections: [] diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 8841165..908aaf6 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -5,7 +5,7 @@ driver: name: docker platforms: - name: instance - image: "geerlingguy/docker-${MOLECULE_DISTRO:-ubuntu1604}-ansible:latest" + image: "geerlingguy/docker-${MOLECULE_DISTRO:-ubuntu2004}-ansible:latest" command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw diff --git a/tasks/main.yml b/tasks/main.yml index 57ab0c4..f1ae49b 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,18 +1,27 @@ # tasks file --- -- name: update configuration file - /etc/apt/sources.list - ansible.builtin.template: - src: "etc/apt/sources.list.{{ ansible_distribution }}.j2" - dest: /etc/apt/sources.list - owner: root - group: root - mode: 0644 - register: apt_config_updated +- name: manage sources.list when: apt_manage_sources_list | bool tags: - configuration - apt - apt-configuration + block: + - name: install dependencies (pre) + ansible.builtin.apt: + name: "{{ apt_dependencies_pre }}" + state: "{{ apt_install_state | default('latest') }}" + update_cache: true + cache_valid_time: "{{ apt_update_cache_valid_time | default(3600) }}" + + - name: update configuration file - /etc/apt/sources.list + ansible.builtin.template: + src: "etc/apt/sources.list.{{ ansible_distribution }}.j2" + dest: /etc/apt/sources.list + owner: root + group: root + mode: 0644 + register: _apt_config_updated - name: update configuration file - /etc/apt/apt.conf ansible.builtin.template: @@ -51,7 +60,7 @@ - name: update ansible.builtin.apt: update_cache: true - cache_valid_time: "{{ 0 if apt_config_updated is defined and apt_config_updated.changed else apt_update_cache_valid_time }}" + cache_valid_time: "{{ 0 if _apt_config_updated is defined and _apt_config_updated.changed else apt_update_cache_valid_time }}" when: apt_update | bool tags: - configuration diff --git a/templates/etc/apt/sources.list.Debian.j2 b/templates/etc/apt/sources.list.Debian.j2 index be68957..a1ce457 100644 --- a/templates/etc/apt/sources.list.Debian.j2 +++ b/templates/etc/apt/sources.list.Debian.j2 @@ -13,16 +13,15 @@ deb {{ apt_debian_mirror }} {{ ansible_distribution_release }}-updates main # Contrib packages contain DFSG-compliant software, # but have dependencies not in main (possibly packaged for Debian in non-free). # Non-free contains software that does not comply with the DFSG. -{% if apt_debian_contrib_nonfree_enable %} -deb {{ apt_debian_mirror }} {{ ansible_distribution_release }} contrib non-free -{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_distribution_release }} contrib non-free +{% if apt_debian_contrib_nonfree_enable | bool %} +deb {{ apt_debian_mirror }} {{ ansible_distribution_release }} contrib non-free{{ ansible_distribution_major_version is version('12', '>=') | ternary(' non-free-firmware', '') }} +{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_distribution_release }} contrib non-free{{ ansible_distribution_major_version is version('12', '>=') | ternary(' non-free-firmware', '') }} {% endif %} # # N.B. software from this repository may not have been tested as # # extensively as that contained in the main release, although it includes # # newer versions of some applications which may provide useful features. -{% if apt_backports_enable %} -deb {{ apt_debian_mirror }} {{ ansible_distribution_release }}-backports main contrib non-free -{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_distribution_release }}-backports main contrib non-free +{% if apt_backports_enable | bool %} +deb {{ apt_debian_mirror }} {{ ansible_distribution_release }}-backports main contrib non-free{{ ansible_distribution_major_version is version('12', '>=') | ternary(' non-free-firmware', '') }} +{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_distribution_release }}-backports main contrib non-free{{ ansible_distribution_major_version is version('12', '>=') | ternary(' non-free-firmware', '') }} {% endif %} - diff --git a/templates/etc/apt/sources.list.Ubuntu.j2 b/templates/etc/apt/sources.list.Ubuntu.j2 index 118846e..0560cde 100644 --- a/templates/etc/apt/sources.list.Ubuntu.j2 +++ b/templates/etc/apt/sources.list.Ubuntu.j2 @@ -1,6 +1,6 @@ {{ ansible_managed | comment }} -# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to +# See https://help.ubuntu.com/community/UpgradeNotes for how to upgrade to # newer versions of the distribution. deb {{ apt_ubuntu_mirror }} {{ ansible_distribution_release }} main restricted {{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_ubuntu_mirror }} {{ ansible_distribution_release }} main restricted @@ -13,7 +13,7 @@ deb {{ apt_ubuntu_mirror }} {{ ansible_distribution_release }}-updates main rest # # N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu # # team. Also, please note that software in universe WILL NOT receive any # # review or updates from the Ubuntu security team. -{% if apt_ubuntu_universe_enable %} +{% if apt_ubuntu_universe_enable | bool %} deb {{ apt_ubuntu_mirror }} {{ ansible_distribution_release }} universe {{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_ubuntu_mirror }} {{ ansible_distribution_release }} universe deb {{ apt_ubuntu_mirror }} {{ ansible_distribution_release }}-updates universe @@ -25,7 +25,7 @@ deb {{ apt_ubuntu_mirror }} {{ ansible_distribution_release }}-updates universe # # your rights to use the software. Also, please note that software in # # multiverse WILL NOT receive any review or updates from the Ubuntu # # security team. -{% if apt_ubuntu_multiverse_enable %} +{% if apt_ubuntu_multiverse_enable | bool %} deb {{ apt_ubuntu_mirror }} {{ ansible_distribution_release }} multiverse {{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_ubuntu_mirror }} {{ ansible_distribution_release }} multiverse deb {{ apt_ubuntu_mirror }} {{ ansible_distribution_release }}-updates multiverse @@ -37,32 +37,32 @@ deb {{ apt_ubuntu_mirror }} {{ ansible_distribution_release }}-updates multivers # # newer versions of some applications which may provide useful features. # # Also, please note that software in backports WILL NOT receive any review # # or updates from the Ubuntu security team. -{% if apt_backports_enable or apt_ubuntu_backports_enable %} +{% if apt_backports_enable or apt_ubuntu_backports_enable | bool %} deb {{ apt_ubuntu_mirror }} {{ ansible_distribution_release }}-backports main restricted universe multiverse {{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_ubuntu_mirror }} {{ ansible_distribution_release }}-backports main restricted universe multiverse {% endif %} deb {{ apt_ubuntu_security_mirror }} {{ ansible_distribution_release }}-security main restricted {{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_ubuntu_security_mirror }} {{ ansible_distribution_release }}-security main restricted -{% if apt_ubuntu_universe_enable %} +{% if apt_ubuntu_universe_enable | bool %} deb {{ apt_ubuntu_security_mirror }} {{ ansible_distribution_release }}-security universe {{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_ubuntu_security_mirror }} {{ ansible_distribution_release }}-security universe {% endif %} -{% if apt_ubuntu_multiverse_enable %} +{% if apt_ubuntu_multiverse_enable | bool %} deb {{ apt_ubuntu_security_mirror }} {{ ansible_distribution_release }}-security multiverse {{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_ubuntu_security_mirror }} {{ ansible_distribution_release }}-security multiverse {% endif %} # # This software is not part of Ubuntu, but is offered by Canonical and the # # respective vendors as a service to Ubuntu users. -{% if apt_ubuntu_partner_enable %} +{% if apt_ubuntu_partner_enable | bool %} deb http://archive.canonical.com/ubuntu {{ ansible_distribution_release }} partner {{ '# ' if not apt_src_enable else '' }}deb-src http://archive.canonical.com/ubuntu {{ ansible_distribution_release }} partner {% endif %} # # This software is not part of Ubuntu, but is offered by third-party # # developers who want to ship their latest software. -{% if apt_ubuntu_extras_enable and ansible_distribution_version is version('16.04', '<') %} +{% if apt_ubuntu_extras_enable | bool and ansible_distribution_version is version('16.04', '<') %} deb http://extras.ubuntu.com/ubuntu {{ ansible_distribution_release }} main {{ '# ' if not apt_src_enable else '' }}deb-src http://extras.ubuntu.com/ubuntu {{ ansible_distribution_release }} main {% endif %} diff --git a/vars/main.yml b/vars/main.yml index c28aada..e3d5c8e 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -1,4 +1,8 @@ # vars file --- +apt_dependencies_pre: + - software-properties-common + - dirmngr + - apt-transport-https apt_apt_conf_file: /etc/apt/apt.conf apt_debian_security_mirror_suffix: "{{ (ansible_distribution == 'Debian' and ansible_distribution_major_version is version('10', '<=')) | ternary('/updates', '-security') }}"