This role is NO LONGER SUPPORTED, please take a look to debops.apt, debops.apt_install, debops.apt_preferences and all others DebOps apt_* roles.

1. Overview
2. Role Variables
3. Example Playbook
4. Configuration
   • APT Configuration
   • Sources List
   • Preferences
   • Tools
5. Development
6. License
7. Author Information

Manage APT repos, preferences and configuration for IPR's servers.

• apt_conf_update_pkg_lists : Period of automatic repositories update in days [default : 1].
• apt_conf_download_upgradeable_pkg : Period of automatic download of upgradeable packages in days [default : 1].
• apt_conf_auto_clean_interval : Period of automatic clean of no longer available packages [default : 0].
• apt_conf_purge_list : The list of default APT configuration files sets by differents packages.
• apt_conf_purge_manage : If the purge of default configuration should be managed [default : true].
• apt_src_list_manage : If apt sources list files should be managed [default : true].
• apt_purge_src_list_file : If the default sources.file must be absent [default : true].
• apt_stretch_manage : If Stretch configuration should be managed [default : true].
• apt_default_pref_path : Path to set the default preferences file for all repositories [default : /etc/apt/preferences.d/default.pref].
• apt_default_pref_tpl : Template used to generate the previous config file [default : etc/apt/preferences.d/default.pref.j2].
• apt_tools_list : The list of additionnals tools to install [default see below].
• apt_tools_state : State of new tools [default : installed].
• apt_tools_manage : If those tools should be managed by the role [default : true].
• apt_unwanted_pkg_list : The list of totally useless packages for a production server [default see below].
• apt_unwanted_pkg_state : State of old packages [default : absent].
• apt_unwanted_pkg_manage : If those old packages should be managed by the role [default : true].
• apt_unattended_upgrades : If unattended-upgrades should be managed by the role [default : yes].
• apt_unattended_upgrades_blacklist : List of packages to not update (regexp are supported) [default : []].

• Use defaults vars :

- hosts: serverXYZ
  roles:
    - role: ipr-cnrs.apt

• For a system with an X session, you may let the old packages unmanaged :

- hosts: serverXYZ
  roles:
    - role: ipr-cnrs.apt
      apt_unwanted_pkg_manage: false

• Ensure to never remove some packages pattern.
• Set general APT configurations.
• Set periodic actions.
• Set dpkg default values.
• Set unattended-upgrades config.
• Purge default configuration files sets by others apps.

Manage Debian's sources.list :

• Add Stretch repositories (main, security and backports).
• Remove the default /etc/apt/sources.list file.
• Update Apt if any repositories modifications.

• Set the preferences for all repositories, default to :
  • Stretch - 510.
  • Stretch Backports - 500.

• Ensure to install :
  • aptitude (better than apt to resolve dependencies issues)
• Ensure to remove really useless packages from a default installation :
  • laptop-detect (if a server is a laptop…)
  • tasksel (simple interface)
• Manage unattended-upgrades.

This source code comes from our Gogs instance and the Github repo exist just to be able to send the role to Ansible Galaxy…

But feel free to send issue/PR here :)

Thanks to this hook, Github automatically got updates from our Gogs instance :)

WTFPL

Jérémy Gardais

• Source : on IPR's Gogs
• IPR (Institut de Physique de Rennes)