diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2024-05-26 21:44:21 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2024-05-26 21:44:21 +0200 |
| commit | 1bdadee9e8d56e3c37102d96cf585ca8958a454e (patch) | |
| tree | 1d5755d4f92251e10248df4183738a75690a43e0 | |
| parent | use LACP for switch interconnect (diff) | |
apt-cacher-ng: initial working role
| -rw-r--r-- | chaos-at-home/host_vars/ch-apt.yml | 9 | ||||
| -rw-r--r-- | inventory/host_vars/ch-apt.yml | 27 | ||||
| -rw-r--r-- | roles/apt-cacher-ng/defaults/main.yml | 18 | ||||
| -rw-r--r-- | roles/apt-cacher-ng/handlers/main.yml | 5 | ||||
| -rw-r--r-- | roles/apt-cacher-ng/tasks/main.yml | 58 |
5 files changed, 117 insertions, 0 deletions
diff --git a/chaos-at-home/host_vars/ch-apt.yml b/chaos-at-home/host_vars/ch-apt.yml new file mode 100644 index 00000000..8a46a632 --- /dev/null +++ b/chaos-at-home/host_vars/ch-apt.yml @@ -0,0 +1,9 @@ +$ANSIBLE_VAULT;1.2;AES256;chaos-at-home +63343434616336326566326464383931386565363433613635653836613166333461333633613239 +6261316164363531663932353564303764336536383239620a316130313064363863353138303763 +34666638616332396238303733396431326661663634313365383136393434383338336161653864 +6164363531313835380a656565353133666562633739363234336164326464323235343232656639 +30623532313433613266623864353436666362356239306339363139623766626265343933366261 +31326636393539326163313334323235313763643231363863303566376238383164316330663936 +62383062613039393733323532643437626232383963383035346264333665346538343130333733 +64306631343436323762 diff --git a/inventory/host_vars/ch-apt.yml b/inventory/host_vars/ch-apt.yml index 2d4d5592..e23a6c20 100644 --- a/inventory/host_vars/ch-apt.yml +++ b/inventory/host_vars/ch-apt.yml @@ -44,9 +44,36 @@ lvm_groups: pvs: - /dev/sdb + apt_cacher_ng_storage: type: lvm vg: storage lv: apt-cacher-ng size: 15G fs: ext4 + +apt_cacher_ng_remaps: + debian: + path: /debian + backends: + - http://debian.anexia.at/debian + debian-security: + path: /debian-security + backends: + - http://debian.anexia.at/debian-security + ubuntu: + path: /ubuntu + backends: + - http://ubuntu.anexia.at/ubuntu + raspios: + path: /raspios + backends: + - http://archive.raspberrypi.com/debian + kalirep: + path: /kali + backends: + - http://http.kali.org/kali + +apt_cacher_ng_admin_auth: + username: admin + password: "{{ vault_apt_cacher_ng_admin_auth_password }}" diff --git a/roles/apt-cacher-ng/defaults/main.yml b/roles/apt-cacher-ng/defaults/main.yml index abdf06ee..eb50d456 100644 --- a/roles/apt-cacher-ng/defaults/main.yml +++ b/roles/apt-cacher-ng/defaults/main.yml @@ -1,3 +1,21 @@ --- # apt_cacher_ng_storage: # type: ... + +# apt_cacher_ng_remaps: +# debrep: +# path: /debian +# backends: +# - http://deb.debian.org/debian +# debsec: +# path: /debian-security +# backends: +# - http://security.debian.org +# uburep: +# path: /ubuntu +# backends: +# - http://archive.ubuntu.com/ubuntu + +# apt_cacher_ng_admin_auth: +# username: admin +# password: secret diff --git a/roles/apt-cacher-ng/handlers/main.yml b/roles/apt-cacher-ng/handlers/main.yml new file mode 100644 index 00000000..80718ec2 --- /dev/null +++ b/roles/apt-cacher-ng/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: restart apt-cacher-ng + service: + name: apt-cacher-ng + state: restarted diff --git a/roles/apt-cacher-ng/tasks/main.yml b/roles/apt-cacher-ng/tasks/main.yml index bfe05383..eb1620cc 100644 --- a/roles/apt-cacher-ng/tasks/main.yml +++ b/roles/apt-cacher-ng/tasks/main.yml @@ -24,3 +24,61 @@ apt: name: apt-cacher-ng state: present + +- name: fetch current remaps + slurp: + src: /etc/apt-cacher-ng/acng.conf + register: apt_cacher_ng_config_data + +- name: fetch current backend files + find: + paths: /etc/apt-cacher-ng + patterns: 'backends_*' + recurse: no + file_type: any + register: apt_cacher_ng_backends_files + +- name: remove superflous remaps + loop: "{{ (apt_cacher_ng_config_data.content | b64decode).splitlines() | select('match', '^Remap-') | map('regex_replace', '^Remap-([^:]*):.*$', '\\1') }}" + lineinfile: + path: /etc/apt-cacher-ng/acng.conf + regexp: '^Remap-{{ item }}:.*' + state: absent + notify: restart apt-cacher-ng + +- name: remove superflous backend files + loop: "{{ apt_cacher_ng_backends_files.files | map(attribute='path') | map('basename') | map('regex_replace', '^backends_(.*)$', '\\1') | difference(apt_cacher_ng_remaps | list) }}" + file: + path: "/etc/apt-cacher-ng/backends_{{ item }}" + state: absent + +- name: add ansible config + copy: + content: | + # ansible managed + ForceManaged: 1 + + {% for name, config in apt_cacher_ng_remaps.items() %} + Remap-{{ name }}: {{ config.path }} ; file:backends_{{ name }} + {% endfor %} + dest: /etc/apt-cacher-ng/zzz_ansible.conf + notify: restart apt-cacher-ng + +- name: create backend files + loop: "{{ apt_cacher_ng_remaps | dict2items }}" + loop_control: + label: "{{ item.key }}" + copy: + content: | + {% for backend in item.value.backends %} + {{ backend }} + {% endfor %} + dest: "/etc/apt-cacher-ng/backends_{{ item.key }}" + notify: restart apt-cacher-ng + +- name: configure admin auth + lineinfile: + path: /etc/apt-cacher-ng/security.conf + regexp: '#\s*AdminAuth:' + line: "AdminAuth: {{ apt_cacher_ng_admin_auth.username }}:{{ apt_cacher_ng_admin_auth.password }}" + notify: restart apt-cacher-ng |