From d04ff7dc886d9d8b9383532a71a39de3f8a433b6 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Mon, 11 May 2020 02:32:50 +0200
Subject: add apt-repo/base and backports

---
 chaos-at-home/ch-equinox-ws.yml                            |  2 ++
 inventory/group_vars/all/main.yml                          |  1 +
 inventory/host_vars/ch-equinox-ws.yml                      |  5 +++++
 roles/apt-repo/backports/defaults/main.yml                 |  7 +++++++
 roles/apt-repo/backports/handlers/main.yml                 |  4 ++++
 roles/apt-repo/backports/tasks/main.yml                    | 10 ++++++++++
 roles/apt-repo/base/defaults/main.yml                      |  7 +++++++
 roles/apt-repo/base/handlers/main.yml                      |  4 ++++
 roles/apt-repo/base/tasks/main.yml                         | 14 ++++++++++++++
 roles/apt-repo/base/templates/Debian.list.j2               |  3 +++
 roles/apt-repo/base/templates/Ubuntu.list.j2               |  3 +++
 .../templates/preseed_debian-buster-with-raid.cfg.j2       |  4 ++--
 .../debian/preseed/templates/preseed_debian-buster.cfg.j2  |  4 ++--
 .../debian/preseed/templates/preseed_debian-stretch.cfg.j2 |  4 ++--
 .../debian/preseed/templates/preseed_ubuntu-bionic.cfg.j2  |  4 ++--
 .../debian/preseed/templates/preseed_ubuntu-focal.cfg.j2   |  4 ++--
 .../debian/preseed/templates/preseed_ubuntu-xenial.cfg.j2  |  4 ++--
 .../preseed_xubuntu-eoan-desktop-with-raid.cfg.j2          |  4 ++--
 .../preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2 |  4 ++--
 19 files changed, 76 insertions(+), 16 deletions(-)
 create mode 100644 roles/apt-repo/backports/defaults/main.yml
 create mode 100644 roles/apt-repo/backports/handlers/main.yml
 create mode 100644 roles/apt-repo/backports/tasks/main.yml
 create mode 100644 roles/apt-repo/base/defaults/main.yml
 create mode 100644 roles/apt-repo/base/handlers/main.yml
 create mode 100644 roles/apt-repo/base/tasks/main.yml
 create mode 100644 roles/apt-repo/base/templates/Debian.list.j2
 create mode 100644 roles/apt-repo/base/templates/Ubuntu.list.j2

diff --git a/chaos-at-home/ch-equinox-ws.yml b/chaos-at-home/ch-equinox-ws.yml
index b4a812e0..3032d762 100644
--- a/chaos-at-home/ch-equinox-ws.yml
+++ b/chaos-at-home/ch-equinox-ws.yml
@@ -6,6 +6,8 @@
   - role: sshd
   - role: zsh
   - role: admin-user
+  - role: apt-repo/base
+  - role: apt-repo/backports
   - role: apt-repo/spreadspace
   - role: apt-repo/tor-project
   - role: apt-repo/kubernetes
diff --git a/inventory/group_vars/all/main.yml b/inventory/group_vars/all/main.yml
index 1e1b535d..61e78fe5 100644
--- a/inventory/group_vars/all/main.yml
+++ b/inventory/group_vars/all/main.yml
@@ -9,6 +9,7 @@ global_files_dir: "{{ inventory_dir }}/../files"
 ssh_keys_root: "{{ ssh_keys.equinox[env_group] }}"
 
 
+apt_repo_provider: default
 apt_repo_providers:
   default:
     debian: deb.debian.org
diff --git a/inventory/host_vars/ch-equinox-ws.yml b/inventory/host_vars/ch-equinox-ws.yml
index d34f6817..98d4c6d2 100644
--- a/inventory/host_vars/ch-equinox-ws.yml
+++ b/inventory/host_vars/ch-equinox-ws.yml
@@ -23,6 +23,11 @@ admin_user_host:
 
 ssh_allowusers_host: "{{ admin_user_host | map(attribute='name') | list }}"
 
+apt_repo_components:
+  - main
+  - restricted
+  - universe
+  - multiverse
 
 ubuntu_ws_root_fs_size: 30G
 ubuntu_ws_home_fs_size: 200G
diff --git a/roles/apt-repo/backports/defaults/main.yml b/roles/apt-repo/backports/defaults/main.yml
new file mode 100644
index 00000000..6b9e462b
--- /dev/null
+++ b/roles/apt-repo/backports/defaults/main.yml
@@ -0,0 +1,7 @@
+---
+apt_repo_backports_components:
+  ubuntu:
+    - main
+    - universe
+  debian:
+    - main
diff --git a/roles/apt-repo/backports/handlers/main.yml b/roles/apt-repo/backports/handlers/main.yml
new file mode 100644
index 00000000..03ed878a
--- /dev/null
+++ b/roles/apt-repo/backports/handlers/main.yml
@@ -0,0 +1,4 @@
+---
+- name: update apt cache
+  apt:
+    update_cache: yes
diff --git a/roles/apt-repo/backports/tasks/main.yml b/roles/apt-repo/backports/tasks/main.yml
new file mode 100644
index 00000000..20854816
--- /dev/null
+++ b/roles/apt-repo/backports/tasks/main.yml
@@ -0,0 +1,10 @@
+---
+- name: add repository entry
+  copy:
+    content: |
+      deb http://{{ apt_repo_providers[apt_repo_provider][(ansible_distribution | lower)] }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }}-backports {{ apt_repo_components | default(apt_repo_backports_components[(ansible_distribution | lower)]) | join(' ') }}
+    dest: /etc/apt/sources.list.d/backports.list
+  notify: update apt cache
+
+- name: update apt cache
+  meta: flush_handlers
diff --git a/roles/apt-repo/base/defaults/main.yml b/roles/apt-repo/base/defaults/main.yml
new file mode 100644
index 00000000..418bc13f
--- /dev/null
+++ b/roles/apt-repo/base/defaults/main.yml
@@ -0,0 +1,7 @@
+---
+apt_repo_base_components:
+  ubuntu:
+    - main
+    - universe
+  debian:
+    - main
diff --git a/roles/apt-repo/base/handlers/main.yml b/roles/apt-repo/base/handlers/main.yml
new file mode 100644
index 00000000..03ed878a
--- /dev/null
+++ b/roles/apt-repo/base/handlers/main.yml
@@ -0,0 +1,4 @@
+---
+- name: update apt cache
+  apt:
+    update_cache: yes
diff --git a/roles/apt-repo/base/tasks/main.yml b/roles/apt-repo/base/tasks/main.yml
new file mode 100644
index 00000000..44110380
--- /dev/null
+++ b/roles/apt-repo/base/tasks/main.yml
@@ -0,0 +1,14 @@
+---
+- name: install global sources.list
+  template:
+    src: "{{ ansible_distribution }}.list.j2"
+    dest: /etc/apt/sources.list
+  notify: update apt cache
+
+## aptitude is needed for package upgrade roles
+- name: install aptitude and https transport
+  apt:
+    name:
+      - aptitude
+      - apt-transport-https
+    state: present
diff --git a/roles/apt-repo/base/templates/Debian.list.j2 b/roles/apt-repo/base/templates/Debian.list.j2
new file mode 100644
index 00000000..44b4abdd
--- /dev/null
+++ b/roles/apt-repo/base/templates/Debian.list.j2
@@ -0,0 +1,3 @@
+deb http://{{ apt_repo_providers[apt_repo_provider].debian }}/debian {{ ansible_distribution_release }} {{ apt_repo_components | default(apt_repo_base_components.debian) | join(' ') }}
+deb http://{{ apt_repo_providers[apt_repo_provider].debian }}/debian {{ ansible_distribution_release }}-updates {{ apt_repo_components | default(apt_repo_base_components.debian) | join(' ') }}
+deb http://{{ apt_repo_providers[apt_repo_provider].debian }}/debian-security {{ ansible_distribution_release }}/updates {{ apt_repo_components | default(apt_repo_base_components.debian) | join(' ') }}
diff --git a/roles/apt-repo/base/templates/Ubuntu.list.j2 b/roles/apt-repo/base/templates/Ubuntu.list.j2
new file mode 100644
index 00000000..2a336994
--- /dev/null
+++ b/roles/apt-repo/base/templates/Ubuntu.list.j2
@@ -0,0 +1,3 @@
+deb http://{{ apt_repo_providers[apt_repo_provider].ubuntu }}/ubuntu {{ ansible_distribution_release }} {{ apt_repo_components | default(apt_repo_base_components.ubuntu) | join(' ') }}
+deb http://{{ apt_repo_providers[apt_repo_provider].ubuntu }}/ubuntu {{ ansible_distribution_release }}-updates {{ apt_repo_components | default(apt_repo_base_components.ubuntu) | join(' ') }}
+deb http://{{ apt_repo_providers[apt_repo_provider].ubuntu }}/ubuntu {{ ansible_distribution_release }}-security {{ apt_repo_components | default(apt_repo_base_components.ubuntu) | join(' ') }}
diff --git a/roles/installer/debian/preseed/templates/preseed_debian-buster-with-raid.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_debian-buster-with-raid.cfg.j2
index 0e34c84e..739d00ed 100644
--- a/roles/installer/debian/preseed/templates/preseed_debian-buster-with-raid.cfg.j2
+++ b/roles/installer/debian/preseed/templates/preseed_debian-buster-with-raid.cfg.j2
@@ -31,7 +31,7 @@ d-i netcfg/wireless_wep string
 
 
 d-i mirror/country string manual
-d-i mirror/http/hostname string {{ apt_repo_providers[(hostvars[install_hostname].apt_repo_provider | default('default'))].debian }}
+d-i mirror/http/hostname string {{ apt_repo_providers[hostvars[install_hostname].apt_repo_provider].debian }}
 d-i mirror/http/directory string /debian
 d-i mirror/http/proxy string
 
@@ -115,7 +115,7 @@ d-i partman/confirm_nooverwrite boolean true
 
 
 d-i base-installer/install-recommends boolean false
-d-i apt-setup/security_host string {{ apt_repo_providers[(hostvars[install_hostname].apt_repo_provider | default('default'))].debian }}
+d-i apt-setup/security_host string {{ apt_repo_providers[hostvars[install_hostname].apt_repo_provider].debian }}
 
 tasksel tasksel/first multiselect
 d-i pkgsel/include string openssh-server python python-apt
diff --git a/roles/installer/debian/preseed/templates/preseed_debian-buster.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_debian-buster.cfg.j2
index abb5eb25..de69c10c 100644
--- a/roles/installer/debian/preseed/templates/preseed_debian-buster.cfg.j2
+++ b/roles/installer/debian/preseed/templates/preseed_debian-buster.cfg.j2
@@ -31,7 +31,7 @@ d-i netcfg/wireless_wep string
 
 
 d-i mirror/country string manual
-d-i mirror/http/hostname string {{ apt_repo_providers[(hostvars[install_hostname].apt_repo_provider | default('default'))].debian }}
+d-i mirror/http/hostname string {{ apt_repo_providers[hostvars[install_hostname].apt_repo_provider].debian }}
 d-i mirror/http/directory string /debian
 d-i mirror/http/proxy string
 
@@ -116,7 +116,7 @@ d-i partman/confirm_nooverwrite boolean true
 
 
 d-i base-installer/install-recommends boolean false
-d-i apt-setup/security_host string {{ apt_repo_providers[(hostvars[install_hostname].apt_repo_provider | default('default'))].debian }}
+d-i apt-setup/security_host string {{ apt_repo_providers[hostvars[install_hostname].apt_repo_provider].debian }}
 
 tasksel tasksel/first multiselect
 d-i pkgsel/include string openssh-server python python-apt
diff --git a/roles/installer/debian/preseed/templates/preseed_debian-stretch.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_debian-stretch.cfg.j2
index ecedbab6..fb6ebfde 100644
--- a/roles/installer/debian/preseed/templates/preseed_debian-stretch.cfg.j2
+++ b/roles/installer/debian/preseed/templates/preseed_debian-stretch.cfg.j2
@@ -31,7 +31,7 @@ d-i netcfg/wireless_wep string
 
 
 d-i mirror/country string manual
-d-i mirror/http/hostname string {{ apt_repo_providers[(hostvars[install_hostname].apt_repo_provider | default('default'))].debian }}
+d-i mirror/http/hostname string {{ apt_repo_providers[hostvars[install_hostname].apt_repo_provider].debian }}
 d-i mirror/http/directory string /debian
 d-i mirror/http/proxy string
 
@@ -116,7 +116,7 @@ d-i partman/confirm_nooverwrite boolean true
 
 
 d-i base-installer/install-recommends boolean false
-d-i apt-setup/security_host string {{ apt_repo_providers[(hostvars[install_hostname].apt_repo_provider | default('default'))].debian }}
+d-i apt-setup/security_host string {{ apt_repo_providers[hostvars[install_hostname].apt_repo_provider].debian }}
 
 tasksel tasksel/first multiselect
 d-i pkgsel/include string openssh-server python python-apt
diff --git a/roles/installer/debian/preseed/templates/preseed_ubuntu-bionic.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_ubuntu-bionic.cfg.j2
index 769dc3ad..7b305091 100644
--- a/roles/installer/debian/preseed/templates/preseed_ubuntu-bionic.cfg.j2
+++ b/roles/installer/debian/preseed/templates/preseed_ubuntu-bionic.cfg.j2
@@ -38,7 +38,7 @@ d-i netcfg/wireless_wep string
 
 
 d-i mirror/country string manual
-d-i mirror/http/hostname string {{ apt_repo_providers[(hostvars[install_hostname].apt_repo_provider | default('default'))].ubuntu }}
+d-i mirror/http/hostname string {{ apt_repo_providers[hostvars[install_hostname].apt_repo_provider].ubuntu }}
 d-i mirror/http/directory string /ubuntu
 d-i mirror/http/proxy string
 
@@ -124,7 +124,7 @@ d-i partman/confirm_nooverwrite boolean true
 
 
 d-i base-installer/install-recommends boolean false
-d-i apt-setup/security_host string {{ apt_repo_providers[(hostvars[install_hostname].apt_repo_provider | default('default'))].ubuntu }}
+d-i apt-setup/security_host string {{ apt_repo_providers[hostvars[install_hostname].apt_repo_provider].ubuntu }}
 
 tasksel tasksel/first multiselect
 d-i pkgsel/include string openssh-server python python-apt ifupdown
diff --git a/roles/installer/debian/preseed/templates/preseed_ubuntu-focal.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_ubuntu-focal.cfg.j2
index 5e15d240..fec5ff3c 100644
--- a/roles/installer/debian/preseed/templates/preseed_ubuntu-focal.cfg.j2
+++ b/roles/installer/debian/preseed/templates/preseed_ubuntu-focal.cfg.j2
@@ -38,7 +38,7 @@ d-i netcfg/wireless_wep string
 
 
 d-i mirror/country string manual
-d-i mirror/http/hostname string {{ apt_repo_providers[(hostvars[install_hostname].apt_repo_provider | default('default'))].ubuntu }}
+d-i mirror/http/hostname string {{ apt_repo_providers[hostvars[install_hostname].apt_repo_provider].ubuntu }}
 d-i mirror/http/directory string /ubuntu
 d-i mirror/http/proxy string
 
@@ -124,7 +124,7 @@ d-i partman/confirm_nooverwrite boolean true
 
 
 d-i base-installer/install-recommends boolean false
-d-i apt-setup/security_host string {{ apt_repo_providers[(hostvars[install_hostname].apt_repo_provider | default('default'))].ubuntu }}
+d-i apt-setup/security_host string {{ apt_repo_providers[hostvars[install_hostname].apt_repo_provider].ubuntu }}
 
 tasksel tasksel/first multiselect
 d-i pkgsel/include string openssh-server python3 python3-apt ifupdown
diff --git a/roles/installer/debian/preseed/templates/preseed_ubuntu-xenial.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_ubuntu-xenial.cfg.j2
index 95199656..5315f54b 100644
--- a/roles/installer/debian/preseed/templates/preseed_ubuntu-xenial.cfg.j2
+++ b/roles/installer/debian/preseed/templates/preseed_ubuntu-xenial.cfg.j2
@@ -35,7 +35,7 @@ d-i netcfg/wireless_wep string
 
 
 d-i mirror/country string manual
-d-i mirror/http/hostname string {{ apt_repo_providers[(hostvars[install_hostname].apt_repo_provider | default('default'))].ubuntu }}
+d-i mirror/http/hostname string {{ apt_repo_providers[hostvars[install_hostname].apt_repo_provider].ubuntu }}
 d-i mirror/http/directory string /ubuntu
 d-i mirror/http/proxy string
 
@@ -121,7 +121,7 @@ d-i partman/confirm_nooverwrite boolean true
 
 
 d-i base-installer/install-recommends boolean false
-d-i apt-setup/security_host string {{ apt_repo_providers[(hostvars[install_hostname].apt_repo_provider | default('default'))].ubuntu }}
+d-i apt-setup/security_host string {{ apt_repo_providers[hostvars[install_hostname].apt_repo_provider].ubuntu }}
 
 tasksel tasksel/first multiselect
 d-i pkgsel/include string openssh-server python python-apt
diff --git a/roles/installer/debian/preseed/templates/preseed_xubuntu-eoan-desktop-with-raid.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_xubuntu-eoan-desktop-with-raid.cfg.j2
index 044bf07f..678d1779 100644
--- a/roles/installer/debian/preseed/templates/preseed_xubuntu-eoan-desktop-with-raid.cfg.j2
+++ b/roles/installer/debian/preseed/templates/preseed_xubuntu-eoan-desktop-with-raid.cfg.j2
@@ -41,7 +41,7 @@ d-i netcfg/wireless_wep string
 
 
 d-i mirror/country string manual
-d-i mirror/http/hostname string {{ apt_repo_providers[(hostvars[install_hostname].apt_repo_provider | default('default'))].ubuntu }}
+d-i mirror/http/hostname string {{ apt_repo_providers[hostvars[install_hostname].apt_repo_provider].ubuntu }}
 d-i mirror/http/directory string /ubuntu
 d-i mirror/http/proxy string
 
@@ -126,7 +126,7 @@ d-i partman/confirm_nooverwrite boolean true
 
 
 d-i base-installer/install-recommends boolean false
-d-i apt-setup/security_host string {{ apt_repo_providers[(hostvars[install_hostname].apt_repo_provider | default('default'))].ubuntu }}
+d-i apt-setup/security_host string {{ apt_repo_providers[hostvars[install_hostname].apt_repo_provider].ubuntu }}
 
 tasksel tasksel/first multiselect xubuntu-desktop
 d-i pkgsel/include string openssh-server python python-apt ifupdown
diff --git a/roles/installer/debian/preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2
index 06587c46..9a8a0d25 100644
--- a/roles/installer/debian/preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2
+++ b/roles/installer/debian/preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2
@@ -41,7 +41,7 @@ d-i netcfg/wireless_wep string
 
 
 d-i mirror/country string manual
-d-i mirror/http/hostname string {{ apt_repo_providers[(hostvars[install_hostname].apt_repo_provider | default('default'))].ubuntu }}
+d-i mirror/http/hostname string {{ apt_repo_providers[hostvars[install_hostname].apt_repo_provider].ubuntu }}
 d-i mirror/http/directory string /ubuntu
 d-i mirror/http/proxy string
 
@@ -127,7 +127,7 @@ d-i partman/confirm_nooverwrite boolean true
 
 
 d-i base-installer/install-recommends boolean false
-d-i apt-setup/security_host string {{ apt_repo_providers[(hostvars[install_hostname].apt_repo_provider | default('default'))].ubuntu }}
+d-i apt-setup/security_host string {{ apt_repo_providers[hostvars[install_hostname].apt_repo_provider].ubuntu }}
 
 tasksel tasksel/first multiselect xubuntu-desktop
 d-i pkgsel/include string openssh-server python3 python3-apt ifupdown
-- 
cgit v1.2.3