Skip to content

deb822_repository

Collection Note

This module is part of the ansible.builtin collection. To install the collection, use:

ansible-galaxy collection install ansible.builtin
Added in version 2.15.

You need further requirements to be able to use this module, see the Requirements section for details.

Synopsis

  • Add and remove deb822 formatted repositories in Debian based distributions.

Requirements

The following Python packages are needed on the host that executes this module:

Parameters

Parameter Defaults / Choices Comments
allow_downgrade_to_insecure
bool		 Allow downgrading a package that was previously authenticated but is no longer authenticated.
allow_insecure
bool		 Allow insecure repositories.
allow_weak
bool		 Allow repositories signed with a key using a weak digest algorithm.
architectures
list / elements=str		 Architectures to search within repository.
by_hash
bool		 Controls if APT should try to acquire indexes via a URI constructed from a hashsum of the expected file instead of using the well-known stable filename of the index.
check_date
bool		 Controls if APT should consider the machine's time correct and hence perform time related checks, such as verifying that a Release file is not from the future.
check_valid_until
bool		 Controls if APT should try to detect replay attacks.
components
list / elements=str		 Components specify different sections of one distribution version present in a C(Suite).
date_max_future
int		 Controls how far from the future a repository may be.
enabled
bool		 Tells APT whether the source is enabled or not.
inrelease_path
str		 Determines the path to the C(InRelease) file, relative to the normal position of an C(InRelease) file.
languages
list / elements=str		 Defines which languages information such as translated package descriptions should be downloaded.
mode
raw		 Default: 0644
 The octal mode for newly created files in C(sources.list.d).
name
str
required		 Name of the repo. Specifically used for C(X-Repolib-Name) and in naming the repository and signing key files.
pdiffs
bool		 Controls if APT should try to use C(PDiffs) to update old indexes instead of downloading the new indexes entirely.
signed_by
str		 Either a URL to a GPG key, absolute path to a keyring file, one or more fingerprints of keys either in the C(trusted.gpg) keyring or in the keyrings in the C(trusted.gpg.d/) directory, or an ASCII armored GPG public key block.
state
str		 Default: present
Choices: absent, present		 A source string state.
suites
list / elements=str		 Suite can specify an exact path in relation to the URI(s) provided, in which case the Components: must be omitted and suite must end with a slash (C(/)). Alternatively, it may take the form of a distribution version (for example a version codename like C(disco) or C(artful)). If the suite does not specify a path, at least one component must be present.
targets
list / elements=str		 Defines which download targets apt will try to acquire from this source.
trusted
bool		 Decides if a source is considered trusted or if warnings should be raised before, for example packages are installed from this source.
types
list / elements=str		 Default: ['deb']
Choices: deb, deb-src		 Which types of packages to look for from a given source; either binary V(deb) or source code V(deb-src).
uris
list / elements=str		 The URIs must specify the base of the Debian distribution archive, from which APT finds the information it needs.

Notes

Note

  • This module will not automatically update caches, call the M(ansible.builtin.apt) module based on the changed state.

Examples

- name: Add debian repo
  deb822_repository:
    name: debian
    types: deb
    uris: http://deb.debian.org/debian
    suites: stretch
    components:
      - main
      - contrib
      - non-free

- name: Add debian repo with key
  deb822_repository:
    name: debian
    types: deb
    uris: https://deb.debian.org
    suites: stable
    components:
      - main
      - contrib
      - non-free
    signed_by: |-
      -----BEGIN PGP PUBLIC KEY BLOCK-----

      mDMEYCQjIxYJKwYBBAHaRw8BAQdAD/P5Nvvnvk66SxBBHDbhRml9ORg1WV5CvzKY
      CuMfoIS0BmFiY2RlZoiQBBMWCgA4FiEErCIG1VhKWMWo2yfAREZd5NfO31cFAmAk
      IyMCGyMFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQREZd5NfO31fbOwD6ArzS
      dM0Dkd5h2Ujy1b6KcAaVW9FOa5UNfJ9FFBtjLQEBAJ7UyWD3dZzhvlaAwunsk7DG
      3bHcln8DMpIJVXht78sL
      =IE0r
      -----END PGP PUBLIC KEY BLOCK-----

- name: Add repo using key from URL
  deb822_repository:
    name: example
    types: deb
    uris: https://download.example.com/linux/ubuntu
    suites: '{{ ansible_distribution_release }}'
    components: stable
    architectures: amd64
    signed_by: https://download.example.com/linux/ubuntu/gpg

Return Values

Key Data Type Description Returned
dest str Path to the repository file always
key_filename str Path to the signed_by key file always
repo str A source string for the repository always

Authors

  • Ansible Core Team (@ansible)