role: proxmox:: repo_list template

roles/ansible/defaults/main.yml

@@ -5,3 +5,42 @@ ansible__local_fact_template: aybarsm_linux.json.fact.j2
 ansible__local_fact_backup: true
 ansible__local_facts_dir: "{{ (not lookup('config', 'DEFAULT_FACT_PATH')) | ternary('/etc/ansible/facts.d', lookup('config', 'DEFAULT_FACT_PATH')) }}"
 ansible__local_fact_file: "{{ ansible__local_facts_dir }}/aybarsm_linux.fact"
+
+__ansible__config:
+  modules:
+    ansible_builtin_apt:
+      uniques: ['name']
+      aliases:
+        allow_downgrade: ['allow-downgrade', 'allow_downgrades', 'allow-downgrades']
+        allow_unauthenticated: ['allow-unauthenticated']
+        default_release: ['default-release']
+        install_recommends: ['install-recommends']
+        name: ['package', 'pkg']
+        update_cache: ['update-cache']
+    ansible_builtin_apt_repository:
+      uniques: ['repo']
+      aliases:
+        update_cache: ['update-cache']
+    ansible_builtin_apt_key:
+      uniques: ['keyserver', 'url', 'id', 'file']
+    ansible_builtin_dnf:
+      uniques: ['name']
+      aliases:
+        name: ['package', 'pkg']
+        update_cache: ['expire-cache']
+    ansible_builtin_yum_repository:
+      uniques: ['name']
+      aliases:
+        attributes: ['attr']
+        sslcacert: ['ca_cert']
+        sslclientcert: ['client_cert']
+        sslclientkey: ['client_key']
+        sslverify: ['validate_certs']
+    ansible_builtin_copy:
+      uniques: ['dest']
+      aliases:
+        attributes: ['attr']
+    ansible_builtin_template:
+      uniques: ['dest']
+      aliases:
+        attributes: ['attr']

roles/package_manager/handlers/main.yml

@@ -1,17 +1,17 @@
 ---
-- name: Update local facts for the host upgrade
-  ansible.builtin.include_role:
-    name: aybarsm.linux.ansible
-    tasks_from: update_local_facts.yml
-  vars:
-    ansible__local_fact_updates:
-      - path: package_manager.upgrade
-        value: "{{ (__ansible__local_facts.package_manager.upgrade | default([])) + [{'timestamp': now().utcnow().strftime('%Y-%m-%dT%H:%M:%S.%fZ')}] }}"
-  register: package_manager__upgrade_update_local_facts
-  listen: "package_manager__upgrade_update_local_facts"
-  when:
-    - package_manager__upgrade_strategy is defined
-    - package_manager__upgrade_strategy == 'once'
+# - name: Update local facts for the host upgrade
+#   ansible.builtin.include_role:
+#     name: aybarsm.linux.ansible
+#     tasks_from: update_local_facts.yml
+#   vars:
+#     ansible__local_fact_updates:
+#       - path: package_manager.upgrade
+#         value: "{{ (__ansible__local_facts.package_manager.upgrade | default([])) + [{'timestamp': now().utcnow().strftime('%Y-%m-%dT%H:%M:%S.%fZ')}] }}"
+#   register: package_manager__upgrade_update_local_facts
+#   listen: "package_manager__upgrade_update_local_facts"
+#   when:
+#     - package_manager__upgrade_strategy is defined
+#     - package_manager__upgrade_strategy == 'once'
 
 - name: Update DEB repo cache
   become: true

roles/package_manager/tasks/main.yml

@@ -1,51 +1,65 @@
 ---
-- name: Load OS related variables
-  ansible.builtin.include_vars: "{{ ansible_os_family | lower }}.yml"
-
-- name: Load common variables structured on OS related variables
-  ansible.builtin.include_vars: common.yml
-
-- name: Import aybarsm linux ansible role
-  ansible.builtin.import_role:
-    name: aybarsm.linux.ansible
-
-- name: Set facts for package manager
-  ansible.builtin.import_tasks:
-    file: set_facts.yml
-  when: package_manager__role_enabled | default(false) | bool
-
-- name: Import DEB repository and repository key tasks (APT)
-  ansible.builtin.import_tasks:
-    file: deb.yml
-  when:
-    - package_manager__role_enabled | default(false) | bool
-    - ansible_os_family | lower == 'debian'
-
-- name: Check upgrade strategy once compliance
-  ansible.builtin.fail:
-    msg: "Upgrade strategy has been set to 'once' but the required conditions are not met. Please enable the role and manage local facts to use 'once' strategy."
-  when:
-    - package_manager__upgrade_strategy == 'once'
-    - not __package_manager__upgrade_once_eligible
-
-- name: Import upgrade tasks
-  ansible.builtin.import_tasks:
-    file: upgrade.yml
-  when:
-    - package_manager__role_enabled | default(false) | bool
-    - __package_manager__upgrade_perform
-
-- name: Import DEB package tasks (APT)
-  ansible.builtin.import_tasks:
-    file: deb_packages.yml
-  when:
-    - package_manager__role_enabled | default(false) | bool
-    - package_manager__package_strategy | lower == 'specific'
-    - ansible_os_family | lower == 'debian'
-
-- name: Import common package manager tasks
-  ansible.builtin.import_tasks:
-    file: common_packages.yml
-  when:
-    - package_manager__role_enabled | default(false) | bool
-    - package_manager__package_strategy | lower == 'common'
+# FIXME: Commented out for testing. Uncomment after testing.
+# - name: Load OS related variables
+#   ansible.builtin.include_vars: "{{ ansible_os_family | lower }}.yml"
+
+# HACK: This is a workaround to load the OS related variables for debug
+# - name: Load OS related variables
+#   ansible.builtin.include_vars: test.yml
+
+# FIXME: Commented out for testing. Uncomment after testing.
+# - name: Load common variables structured on OS related variables
+#   ansible.builtin.include_vars: common.yml
+
+# FIXME: Commented out for testing. Uncomment after testing.
+# - name: Import aybarsm linux ansible role
+#   ansible.builtin.import_role:
+#     name: aybarsm.linux.ansible
+
+# FIXME: Commented out for testing. Uncomment after testing.
+# - name: Set facts for package manager
+#   ansible.builtin.import_tasks:
+#     file: set_facts.yml
+#   when: package_manager__role_enabled | default(false) | bool
+
+# FIXME: Commented out for testing. Uncomment after testing.
+# - name: Import DEB repository and repository key tasks (APT)
+#   ansible.builtin.import_tasks:
+#     file: deb.yml
+#   when:
+#     - package_manager__role_enabled | default(false) | bool
+#     - ansible_os_family | default('') | lower == 'debian'
+
+# FIXME: Commented out for testing. Uncomment after testing.
+# - name: Check upgrade strategy once compliance
+#   ansible.builtin.fail:
+#     msg: "Upgrade strategy has been set to 'once' but the required conditions are not met. Please enable the role and manage local facts to use 'once' strategy."
+#   when:
+#     - package_manager__upgrade_strategy == 'once'
+#     - __package_manager__upgrade_once_eligible is defined
+#     - not __package_manager__upgrade_once_eligible
+
+# FIXME: Commented out for testing. Uncomment after testing.
+# - name: Import upgrade tasks
+#   ansible.builtin.import_tasks:
+#     file: upgrade.yml
+#   when:
+#     - package_manager__role_enabled | default(false) | bool
+#     - __package_manager__upgrade_perform
+
+# FIXME: Commented out for testing. Uncomment after testing.
+# - name: Import DEB package tasks (APT)
+#   ansible.builtin.import_tasks:
+#     file: deb_packages.yml
+#   when:
+#     - package_manager__role_enabled | default(false) | bool
+#     - package_manager__package_strategy | lower == 'specific'
+#     - ansible_os_family | default('') | lower == 'debian'
+
+# FIXME: Commented out for testing. Uncomment after testing.
+# - name: Import common package manager tasks
+#   ansible.builtin.import_tasks:
+#     file: common_packages.yml
+#   when:
+#     - package_manager__role_enabled | default(false) | bool
+#     - package_manager__package_strategy | lower == 'common'

roles/package_manager/tasks/set_facts.yml

@@ -4,6 +4,10 @@
     __package_manager__upgrade_once_eligible: "{{ upgrade_once_eligible }}"
     __package_manager__upgrade_perform: "{{ is_upgrade_always or (is_upgrade_once and upgrade_once_eligible and not is_upgrade_defined) }}"
     __package_manager__upgrade_clean: "{{ package_manager__upgrade_mode in __package_manager__clean_upgrade_modes }}"
+    __package_manager_default_repo_list_templates: "{{ repo_list_templates |
+      aybarsm.helper.selectattr([{when: ['type', 'defined'], ['type', 'equalto', 'default']}]) | default([]) }}"
+    __package_manager_repo_list_templates: "{{ repo_list_templates |
+      aybarsm.helper.rejectattr([{when: ['type', 'defined'], ['type', 'equalto', 'default']}]) | default([]) }}"
   vars:
     is_upgrade_once: "{{ package_manager__upgrade_strategy == 'once' }}"
     is_upgrade_always: "{{ package_manager__upgrade_strategy == 'always' }}"
@@ -12,4 +16,6 @@
     is_local_facts_defined: "{{ __ansible__local_facts is defined }}"
     is_upgrade_defined: "{{ __ansible__local_facts.package_manager.upgrade is defined }}"
     upgrade_once_eligible: "{{ is_ansible_role and is_manage_local_facts and is_local_facts_defined }}"
+    repo_list_templates: "{{ package_manager__repo_list_templates |
+      aybarsm.helper.selectattr([{when: [['src', 'defined'], ['dest', 'defined']]}]) | default([]) }}"
   register: package_manager__set_facts

roles/package_manager/tasks/upgrade.yml

@@ -1,13 +1,18 @@
 ---
-- name: Gather main repo list file stats (Clean Upgrade)
+- name: Deploy default main repo list files (Clean Upgrade)
   become: true
-  ansible.builtin.stat:
-    path: "{{ package_manager__repo_list_file }}"
-  register: package_manager__upgrade_main_repo_list_stat
+  ansible.builtin.template:
+    src: "{{ item.src }}"
+    dest: "{{ item.dest }}"
+    backup: "{{ item.backup | default(true) | bool }}"
+  loop: "{{ package_manager__main_repo_list_files }}"
+  vars:
+    default_repo_lists: "{{ package_manager__main_repo_list_files | selectattr('type', 'defined') | selectattr('type', 'equalto', 'default') | list }}"
+  register: package_manager__upgrade_
   when: 
     - __package_manager__upgrade_clean | default(false) | bool
-    - __package_manager__has_main_repo_list | default(ansible_os_family | lower == 'debian') | bool
-    - package_manager__repo_list_file is defined
+    - package_manager__main_repo_list_files is defined
+    - package_manager__main_repo_list_files | selectattr('type', 'defined') | selectattr('type', 'equalto', 'default') | length > 0
 
 - name: Find repo source files (Clean Upgrade)
   become: true

roles/package_manager/templates/etc/apk/alpine.repositories.j2

@@ -0,0 +1,5 @@
+# {{ ansible_managed }}
+
+{% set ver_distrib_major_minor = ansible_distribution_version | regex_replace('(\\.[^.]*).*$', '\\1') %}
+https://dl-cdn.alpinelinux.org/alpine/v{{ ver_distrib_major_minor }}/main
+https://dl-cdn.alpinelinux.org/alpine/v{{ ver_distrib_major_minor }}/community

roles/package_manager/templates/etc/apt/debian.sources.list.j2

@@ -0,0 +1,10 @@
+# {{ ansible_managed }}
+
+deb http://deb.debian.org/debian/ {{ ansible_distribution_release | lower }} main
+deb-src http://deb.debian.org/debian/ {{ ansible_distribution_release | lower }} main
+
+deb http://security.debian.org/debian-security {{ ansible_distribution_release | lower }}-security main
+deb-src http://security.debian.org/debian-security {{ ansible_distribution_release | lower }}-security main
+
+deb http://deb.debian.org/debian/ {{ ansible_distribution_release | lower }}-updates main
+deb-src http://deb.debian.org/debian/ {{ ansible_distribution_release | lower }}-updates main

roles/package_manager/templates/etc/apt/sources.list.d/temp.disabled.list.j2

@@ -0,0 +1,2 @@
+# {{ ansible_managed }}
+# This file is temproray disabled

roles/package_manager/templates/etc/apt/ubuntu.sources.list.j2

@@ -0,0 +1,16 @@
+# {{ ansible_managed }}
+
+deb http://archive.ubuntu.com/ubuntu/ {{ ansible_distribution_release | lower }} main restricted universe multiverse
+deb-src http://archive.ubuntu.com/ubuntu/ {{ ansible_distribution_release | lower }} main restricted universe multiverse
+
+deb http://archive.ubuntu.com/ubuntu/ {{ ansible_distribution_release | lower }}-updates main restricted universe multiverse
+deb-src http://archive.ubuntu.com/ubuntu/ {{ ansible_distribution_release | lower }}-updates main restricted universe multiverse
+
+deb http://archive.ubuntu.com/ubuntu/ {{ ansible_distribution_release | lower }}-security main restricted universe multiverse
+deb-src http://archive.ubuntu.com/ubuntu/ {{ ansible_distribution_release | lower }}-security main restricted universe multiverse
+
+deb http://archive.ubuntu.com/ubuntu/ {{ ansible_distribution_release | lower }}-backports main restricted universe multiverse
+deb-src http://archive.ubuntu.com/ubuntu/ {{ ansible_distribution_release | lower }}-backports main restricted universe multiverse
+
+deb http://archive.canonical.com/ubuntu {{ ansible_distribution_release | lower }} partner
+deb-src http://archive.canonical.com/ubuntu {{ ansible_distribution_release | lower }} partner

roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-appstream.repo.j2

@@ -0,0 +1,32 @@
+# {{ ansible_managed }}
+
+[appstream]
+name=AlmaLinux $releasever - AppStream
+mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/appstream
+# baseurl=https://repo.almalinux.org/almalinux/$releasever/AppStream/$basearch/os/
+enabled=1
+gpgcheck=1
+countme=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-{{ ansible_distribution_major_version }}
+metadata_expire=86400
+enabled_metadata=1
+
+[appstream-debuginfo]
+name=AlmaLinux $releasever - AppStream - Debug
+mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/appstream-debug
+# baseurl=https://repo.almalinux.org/vault/$releasever/AppStream/debug/$basearch/
+enabled=0
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-{{ ansible_distribution_major_version }}
+metadata_expire=86400
+enabled_metadata=0
+
+[appstream-source]
+name=AlmaLinux $releasever - AppStream - Source
+mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/appstream-source
+# baseurl=https://repo.almalinux.org/vault/$releasever/AppStream/Source/
+enabled=0
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-{{ ansible_distribution_major_version }}
+metadata_expire=86400
+enabled_metadata=0

roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-baseos.repo.j2

@@ -0,0 +1,32 @@
+# {{ ansible_managed }}
+
+[baseos]
+name=AlmaLinux $releasever - BaseOS
+mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/baseos
+# baseurl=https://repo.almalinux.org/almalinux/$releasever/BaseOS/$basearch/os/
+enabled=1
+gpgcheck=1
+countme=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-{{ ansible_distribution_major_version }}
+metadata_expire=86400
+enabled_metadata=1
+
+[baseos-debuginfo]
+name=AlmaLinux $releasever - BaseOS - Debug
+mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/baseos-debug
+# baseurl=https://repo.almalinux.org/vault/$releasever/BaseOS/debug/$basearch/
+enabled=0
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-{{ ansible_distribution_major_version }}
+metadata_expire=86400
+enabled_metadata=0
+
+[baseos-source]
+name=AlmaLinux $releasever - BaseOS - Source
+mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/baseos-source
+# baseurl=https://repo.almalinux.org/vault/$releasever/BaseOS/Source/
+enabled=0
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-{{ ansible_distribution_major_version }}
+metadata_expire=86400
+enabled_metadata=0