From b3b634f9154f246f9e0fdd08070f6f4f30fbe4c2 Mon Sep 17 00:00:00 2001 From: Sandwich Date: Sun, 22 Feb 2026 10:47:47 +0100 Subject: [PATCH] feat(configuration): add Debian/Ubuntu repository and apt configuration --- roles/configuration/tasks/main.yml | 2 ++ roles/configuration/tasks/repositories.yml | 25 +++++++++++++++++++ .../templates/debian.sources.list.j2 | 15 +++++++++++ .../templates/ubuntu.sources.list.j2 | 16 ++++++++++++ 4 files changed, 58 insertions(+) create mode 100644 roles/configuration/tasks/repositories.yml create mode 100644 roles/configuration/templates/debian.sources.list.j2 create mode 100644 roles/configuration/templates/ubuntu.sources.list.j2 diff --git a/roles/configuration/tasks/main.yml b/roles/configuration/tasks/main.yml index bd4b1aa..756a26c 100644 --- a/roles/configuration/tasks/main.yml +++ b/roles/configuration/tasks/main.yml @@ -6,6 +6,8 @@ when: configuration_task.when | default(true) ansible.builtin.include_tasks: "{{ configuration_task.file }}" loop: + - file: repositories.yml + when: "{{ os_family == 'Debian' }}" - file: banner.yml - file: fstab.yml - file: locales.yml diff --git a/roles/configuration/tasks/repositories.yml b/roles/configuration/tasks/repositories.yml new file mode 100644 index 0000000..391a621 --- /dev/null +++ b/roles/configuration/tasks/repositories.yml @@ -0,0 +1,25 @@ +--- +- name: Write final sources.list + vars: + _debian_release_map: + "10": buster + "11": bullseye + "12": bookworm + "13": trixie + unstable: sid + _ubuntu_release_map: + ubuntu: questing + ubuntu-lts: noble + ansible.builtin.template: + src: "{{ os | replace('-lts', '') }}.sources.list.j2" + dest: /mnt/etc/apt/sources.list + mode: "0644" + +- name: Ensure apt performance configuration persists + ansible.builtin.copy: + dest: /mnt/etc/apt/apt.conf.d/99performance + content: | + Acquire::Retries "3"; + Acquire::http::Pipeline-Depth "10"; + APT::Install-Recommends "false"; + mode: "0644" diff --git a/roles/configuration/templates/debian.sources.list.j2 b/roles/configuration/templates/debian.sources.list.j2 new file mode 100644 index 0000000..9a29a77 --- /dev/null +++ b/roles/configuration/templates/debian.sources.list.j2 @@ -0,0 +1,15 @@ +# Managed by Ansible. +{% set release = _debian_release_map[os_version | string] | default('trixie') %} +{% set mirror = system_cfg.mirror %} +{% set components = 'main contrib non-free' ~ (' non-free-firmware' if (os_version | string) not in ['10', '11'] else '') %} + +deb {{ mirror }} {{ release }} {{ components }} +deb-src {{ mirror }} {{ release }} {{ components }} +{% if release != 'sid' %} + +deb https://security.debian.org/debian-security {{ release }}-security {{ components }} +deb-src https://security.debian.org/debian-security {{ release }}-security {{ components }} + +deb {{ mirror }} {{ release }}-updates {{ components }} +deb-src {{ mirror }} {{ release }}-updates {{ components }} +{% endif %} diff --git a/roles/configuration/templates/ubuntu.sources.list.j2 b/roles/configuration/templates/ubuntu.sources.list.j2 new file mode 100644 index 0000000..8f6a89f --- /dev/null +++ b/roles/configuration/templates/ubuntu.sources.list.j2 @@ -0,0 +1,16 @@ +# Managed by Ansible. +{% set release = _ubuntu_release_map[os] | default('noble') %} +{% set mirror = system_cfg.mirror %} +{% set components = 'main restricted universe multiverse' %} + +deb {{ mirror }} {{ release }} {{ components }} +deb-src {{ mirror }} {{ release }} {{ components }} + +deb {{ mirror }} {{ release }}-updates {{ components }} +deb-src {{ mirror }} {{ release }}-updates {{ components }} + +deb {{ mirror }} {{ release }}-security {{ components }} +deb-src {{ mirror }} {{ release }}-security {{ components }} + +deb {{ mirror }} {{ release }}-backports {{ components }} +deb-src {{ mirror }} {{ release }}-backports {{ components }}