Try SpotterAdd and remove deb822 formatted repositories
| "added in version" 2.15 of ansible.builtin"
Authors: Ansible Core Team (@ansible)
pipInstall with pip install ansible-core==2.16.5
Add and remove deb822 formatted repositories in Debian based distributions
- name: Add debian repo
deb822_repository:
name: debian
types: deb
uris: http://deb.debian.org/debian
suites: stretch
components:
- main
- contrib
- non-free
- name: Add debian repo with key
deb822_repository:
name: debian
types: deb
uris: https://deb.debian.org
suites: stable
components:
- main
- contrib
- non-free
signed_by: |-
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEYCQjIxYJKwYBBAHaRw8BAQdAD/P5Nvvnvk66SxBBHDbhRml9ORg1WV5CvzKY
CuMfoIS0BmFiY2RlZoiQBBMWCgA4FiEErCIG1VhKWMWo2yfAREZd5NfO31cFAmAk
IyMCGyMFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQREZd5NfO31fbOwD6ArzS
dM0Dkd5h2Ujy1b6KcAaVW9FOa5UNfJ9FFBtjLQEBAJ7UyWD3dZzhvlaAwunsk7DG
3bHcln8DMpIJVXht78sL
=IE0r
-----END PGP PUBLIC KEY BLOCK-----
- name: Add repo using key from URL
deb822_repository:
name: example
types: deb
uris: https://download.example.com/linux/ubuntu
suites: '{{ ansible_distribution_release }}'
components: stable
architectures: amd64
signed_by: https://download.example.com/linux/ubuntu/gpg
mode:
default: '0644'
description:
- The octal mode for newly created files in sources.list.d.
type: raw
name:
description:
- Name of the repo. Specifically used for C(X-Repolib-Name) and in naming the repository
and signing key files.
required: true
type: str
uris:
description:
- The URIs must specify the base of the Debian distribution archive, from which APT
finds the information it needs.
elements: str
type: list
state:
choices:
- absent
- present
default: present
description:
- A source string state.
type: str
types:
choices:
- deb
- deb-src
default:
- deb
description:
- Which types of packages to look for from a given source; either binary V(deb) or
source code V(deb-src)
elements: str
type: list
pdiffs:
description:
- Controls if APT should try to use PDiffs to update old indexes instead of downloading
the new indexes entirely
type: bool
suites:
description:
- 'Suite can specify an exact path in relation to the URI(s) provided, in which case
the Components: must be omitted and suite must end with a slash (C(/)). Alternatively,
it may take the form of a distribution version (e.g. a version codename like disco
or artful). If the suite does not specify a path, at least one component must be
present.'
elements: str
type: list
by_hash:
description:
- Controls if APT should try to acquire indexes via a URI constructed from a hashsum
of the expected file instead of using the well-known stable filename of the index.
type: bool
enabled:
description:
- Tells APT whether the source is enabled or not.
type: bool
targets:
description:
- Defines which download targets apt will try to acquire from this source.
elements: str
type: list
trusted:
description:
- Decides if a source is considered trusted or if warnings should be raised before
e.g. packages are installed from this source.
type: bool
languages:
description:
- Defines which languages information such as translated package descriptions should
be downloaded.
elements: str
type: list
signed_by:
description:
- Either a URL to a GPG key, absolute path to a keyring file, one or more fingerprints
of keys either in the C(trusted.gpg) keyring or in the keyrings in the C(trusted.gpg.d/)
directory, or an ASCII armored GPG public key block.
type: str
allow_weak:
description:
- Allow repositories signed with a key using a weak digest algorithm
type: bool
check_date:
description:
- Controls if APT should consider the machine's time correct and hence perform time
related checks, such as verifying that a Release file is not from the future.
type: bool
components:
description:
- Components specify different sections of one distribution version present in a Suite.
elements: str
type: list
architectures:
description:
- Architectures to search within repository
elements: str
type: list
allow_insecure:
description:
- Allow insecure repositories
type: bool
inrelease_path:
description:
- Determines the path to the InRelease file, relative to the normal position of an
InRelease file.
type: str
date_max_future:
description:
- Controls how far from the future a repository may be.
type: int
check_valid_until:
description:
- Controls if APT should try to detect replay attacks.
type: bool
allow_downgrade_to_insecure:
description:
- Allow downgrading a package that was previously authenticated but is no longer authenticated
type: bool
dest:
description: Path to the repository file
returned: always
sample: /etc/apt/sources.list.d/focal-archive.sources
type: str
key_filename:
description: Path to the signed_by key file
returned: always
sample: /etc/apt/keyrings/debian.gpg
type: str
repo:
description: A source string for the repository
returned: always
sample: "X-Repolib-Name: debian\nTypes: deb\nURIs: https://deb.debian.org\nSuites:\
\ stable\nComponents: main contrib non-free\nSigned-By:\n -----BEGIN PGP PUBLIC\
\ KEY BLOCK-----\n .\n mDMEYCQjIxYJKwYBBAHaRw8BAQdAD/P5Nvvnvk66SxBBHDbhRml9ORg1WV5CvzKY\n\
\ CuMfoIS0BmFiY2RlZoiQBBMWCgA4FiEErCIG1VhKWMWo2yfAREZd5NfO31cFAmAk\n IyMCGyMFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQREZd5NfO31fbOwD6ArzS\n\
\ dM0Dkd5h2Ujy1b6KcAaVW9FOa5UNfJ9FFBtjLQEBAJ7UyWD3dZzhvlaAwunsk7DG\n 3bHcln8DMpIJVXht78sL\n\
\ =IE0r\n -----END PGP PUBLIC KEY BLOCK-----\n"
type: str