104 lines
2.1 KiB
YAML
104 lines
2.1 KiB
YAML
- name: Install afsadmin keytab
|
|
shell: 'echo "{{ reprepro_keytab }}" | base64 -d > /etc/reprepro.keytab'
|
|
args:
|
|
creates: /etc/reprepro.keytab
|
|
no_log: True
|
|
|
|
- name: Ensure permissions on reprepro keytab
|
|
file:
|
|
path: '/etc/reprepro.keytab'
|
|
owner: root
|
|
group: root
|
|
mode: '0400'
|
|
|
|
- name: Install reprepro
|
|
package:
|
|
name:
|
|
- reprepro
|
|
state: present
|
|
|
|
- name: Ensure config directory
|
|
file:
|
|
path: /etc/reprepro
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: '0755'
|
|
|
|
- name: Ensure key storage
|
|
file:
|
|
path: /etc/reprepro-gpg-keys
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: '0755'
|
|
|
|
- name: Ensure log directory
|
|
file:
|
|
path: /var/log/reprepro
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: '0755'
|
|
|
|
- name: Ensure run directory
|
|
file:
|
|
path: /var/run/reprepro
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: '0755'
|
|
|
|
- name: Ensure run directory at boot
|
|
copy:
|
|
# d means create this directory
|
|
# ! means only evaluate this on boot, creating the dir outside of boot
|
|
# can break things
|
|
# 0755 root root sets perms and ownership
|
|
# - omits the age value which means do not delete this directory
|
|
content: "d! /var/run/reprepro 0755 root root -"
|
|
dest: /etc/tmpfiles.d/reprepro.conf
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
|
|
- name: Rotate logfiles
|
|
include_role:
|
|
name: logrotate
|
|
vars:
|
|
logrotate_file_name: '/var/log/reprepro/*.log'
|
|
logrotate_config_file_name: 'reprepro'
|
|
logrotate_frequency: 'weekly'
|
|
|
|
- name: Install mirror script
|
|
copy:
|
|
src: reprepro-mirror-update
|
|
dest: /usr/local/bin/
|
|
owner: root
|
|
group: root
|
|
mode: 0755
|
|
|
|
- name: Debian
|
|
include_tasks: debian.yaml
|
|
|
|
- name: Debian Ceph
|
|
include_tasks: debian-ceph.yaml
|
|
|
|
- name: Debian security
|
|
include_tasks: debian-security.yaml
|
|
|
|
- name: Docker
|
|
include_tasks: docker.yaml
|
|
|
|
- name: Puppetlabs
|
|
include_tasks: puppetlabs.yaml
|
|
|
|
- name: Ubuntu
|
|
include_tasks: ubuntu.yaml
|
|
|
|
- name: Ubuntu Cloud Archive
|
|
include_tasks: ubuntu-cloud-archive.yaml
|
|
|
|
- name: Ubuntu Ports
|
|
include_tasks: ubuntu-ports.yaml
|