update..

roles/ansible_dependencies-bookworm/tasks/main.yml

@@ -0,0 +1,47 @@
+---
+
+- name: re-synchronize the package index files from their sources
+  raw: apt-get update
+  
+- name: Ensure aptitude is present
+  raw: test -e /usr/bin/aptitude || apt-get install aptitude -y
+
+- name: Ensure python3 is present (This is necessary for ansible to work properly)
+  raw: test -e /usr/bin/python3 || (apt -y update && apt install -y python3)
+
+- name: Ensure python-is-python3 is present (This is necessary for ansible to work properly)
+  raw: test -e /usr/bin/python3 && (apt -y update && apt install -y python-is-python3)
+
+- name: Ensure python-apt-common is present (This is necessary for ansible to work properly)
+  raw: test -e  /usr/bin/python && (apt -y update && apt install -y python-apt-common)
+
+- name: Ensure python-apt is present (This is necessary for ansible to work properly)
+  raw: test -e /usr/bin/python3 || (apt -y update && apt install -y python3-apt)
+
+- name: dpkg --configure -a
+  command: >
+    dpkg --configure -a
+  args:
+    warn: false
+  changed_when: _dpkg_configure.stdout_lines | length
+  register: _dpkg_configure
+  when: apt_dpkg_configure|bool
+  tags:
+    - ansible-dependencies
+
+- name: apt upgrade
+  apt:
+    upgrade: "{{ apt_upgrade_type }}"
+    update_cache: true
+    dpkg_options: "{{ apt_upgrade_dpkg_options | join(',') }}"
+  when: apt_upgrade|bool
+  tags:
+    - ansible-dependencies
+
+- name: apt install ansible dependencies
+  apt:
+    name: "{{ apt_ansible_dependencies }}"
+    state: "{{ apt_install_state }}"
+  tags:
+    - ansible-dependencies
+

roles/common/tasks/apt.yml

@@ -96,6 +96,18 @@
     - apt-initial-install
 
 
+- name: (apt.yml) Initial install debian packages (bookworm)
+  apt:
+    name: "{{ apt_initial_install_bookworm }}"
+    state: "{{ apt_install_state }}"
+  when:
+    - apt_initial_install_bookworm is defined and apt_initial_install_bookworm|length > 0
+    - ansible_facts['distribution'] == "Debian"
+    - ansible_facts['distribution_major_version'] == "12"
+  tags:
+    - apt-initial-install
+
+
 - name: (apt.yml) Initial install ubuntu packages (bionic)
   apt:
     name: "{{ apt_initial_install_bionic }}"
@@ -146,7 +158,7 @@
     - apt-microcode
 
 
-- name: (apt.yml) Install CPU microcode (debian buster/bullseye)
+- name: (apt.yml) Install CPU microcode (debian buster/bullseye/bookworm)
   apt:
     name: "{{ microcode_intel_package }}"
     state: present
@@ -154,7 +166,7 @@
   when:
     - apt_debian_contrib_nonfree_enable
     - ansible_facts['distribution'] == "Debian"
-    - ansible_facts['distribution_major_version'] == "10" or ansible_facts['distribution_major_version'] == "11"
+    - ansible_facts['distribution_major_version'] == "10" or ansible_facts['distribution_major_version'] == "11"or ansible_facts['distribution_major_version'] == "12"
     - ansible_facts['processor']|string is search("Intel")
   tags:
     - apt-initial-install

roles/common/tasks/nis-install-server.yml

@@ -66,18 +66,20 @@
   when:
     - ansible_facts['distribution'] == "Debian"
     - ansible_distribution_major_version|int >= 11
-    - ansible_distribution_major_version|int <= 12
     - file_etc_pam_d_common_password.stat.exists == True
 
+    #- ansible_distribution_major_version|int <= 12
+
 - name: (nis-install-server.yml) Change default password hash for local system accounts from SHA-512 to yescrypt
   shell: perl -i -n -p -e "s/^(password.+)yescrypt/\1sha512/" /etc/pam.d/common-password
   when:
     - ansible_facts['distribution'] == "Debian"
     - ansible_facts['distribution_major_version']|int >= 11
-    - ansible_facts['distribution_major_version']|int <= 12
     - file_etc_pam_d_common_password.stat.exists == True
     - presence_of_passwprd_hashing_yescrypt is changed
 
+    #- ansible_facts['distribution_major_version']|int <= 12
+
 
 # ---
 # /etc/default/nis