get rid of deprecated code.

apt-migrate-to-trixie.yml

@@ -0,0 +1,121 @@
+---
+
+# ---
+# deb822 ist das neue Konfigurationsformats für APT-Quellen (Repositories).
+# Es basiert auf der Debian Control Syntax nach RFC 822 – daher der Name
+# ---
+
+- name: Nur APT auf Debian 13 (Trixie) migrieren
+  hosts: all
+  become: true
+  gather_facts: true
+
+  vars:
+    target_release: trixie
+    debian_mirror: "http://deb.debian.org/debian"
+    security_mirror: "http://security.debian.org/debian-security"
+    components: "main contrib non-free non-free-firmware"
+    enable_backports: true         # auf false setzen, wenn du keine Backports willst
+    pin_backports_low: true        # Backports nur auf Anfrage
+    # Nur manuelle Installation/Upgrade aus Backports:
+    #    backports_pin_priority: 100
+    #
+    # Automatische Updates für bereits installierte Backports-Pakete.
+    #    backports_pin_priority: 500 (>= 500)
+    #
+    backports_pin_priority: 100    # 100 = nie automatisch bevorzugen
+    apt_cache_valid_time: 3600
+    # Für offizielle Debian-Repos brauchst es kein Signed-By, weil debian-archive-keyring 
+    # ohnehin systemweit vertrauenswürdig ist.
+    #
+    use_signed_by: true  # oder false, wenn du Option A willst
+    # Wenn Signed-By explizit gesetzt werden soll, dann nutze den Keyring-Pfad und stelle sicher, 
+    # dass das Paket installiert ist.
+    signed_by_keyring: "/usr/share/keyrings/debian-archive-keyring.gpg"
+
+  pre_tasks:
+    - name: Sicherstellen, dass wir Debian sind
+      assert:
+        that:
+          - ansible_facts['os_family'] == "Debian"
+        fail_msg: "Dieses Playbook ist nur für Debian geeignet."
+
+  tasks:
+
+    - name: Keyring für Debian-Archive sicherstellen (falls Signed-By genutzt)
+      ansible.builtin.apt:
+        name: debian-archive-keyring
+        state: present
+      when: use_signed_by
+
+    - name: (Optional) Alte /etc/apt/sources.list sichern
+      ansible.builtin.copy:
+        src: /etc/apt/sources.list
+        dest: /etc/apt/sources.list.before-trixie
+        remote_src: true
+        force: false
+      ignore_errors: true
+
+    - name: Alte /etc/apt/sources.list deaktivieren (leere Kommentar-Datei)
+      ansible.builtin.copy:
+        dest: /etc/apt/sources.list
+        content: |
+          # Verwaltet via Ansible. Repositories liegen in /etc/apt/sources.list.d/*.sources (deb822).
+          # Zielrelease: {{ target_release }}
+        owner: root
+        group: root
+        mode: "0644"
+
+    - name: Debian-Repo (deb + deb-src) als deb822 anlegen
+      ansible.builtin.template:
+        src: templates/apt-migrate-to-trixie/debian.sources.j2
+        dest: /etc/apt/sources.list.d/debian.sources
+        owner: root
+        group: root
+        mode: "0644"
+
+    - name: Security-Repo (deb + deb-src) als deb822 anlegen
+      ansible.builtin.template:
+        src: templates/apt-migrate-to-trixie/security.sources.j2
+        dest: /etc/apt/sources.list.d/security.sources
+        owner: root
+        group: root
+        mode: "0644"
+
+    - name: Backports-Repo (optional) als deb822 anlegen/entfernen
+      ansible.builtin.template:
+        src: templates/apt-migrate-to-trixie/backports.sources.j2
+        dest: /etc/apt/sources.list.d/backports.sources
+        owner: root
+        group: root
+        mode: "0644"
+      when: enable_backports
+    - name: Backports-Repo entfernen wenn deaktiviert
+      ansible.builtin.file:
+        path: /etc/apt/sources.list.d/backports.sources
+        state: absent
+      when: not enable_backports
+
+    - name: Optionales Backports-Pinning setzen
+      ansible.builtin.template:
+        src: templates/apt-migrate-to-trixie/99-backports.j2
+        dest: /etc/apt/preferences.d/99-backports
+        owner: root
+        group: root
+        mode: "0644"
+      when: enable_backports and pin_backports_low
+
+    - name: APT-Cache aktualisieren
+      ansible.builtin.apt:
+        update_cache: yes
+        cache_valid_time: "{{ apt_cache_valid_time }}"
+
+    - name: Verifikation - zeigen, ob Suites auf trixie stehen
+      ansible.builtin.command: apt-cache policy
+      register: apt_policy
+      changed_when: false
+
+    - name: Ausgabe anzeigen (nur Info)
+      ansible.builtin.debug:
+        msg: "{{ apt_policy.stdout.split('\n') | select('search', 'trixie') | list | join('\n') }}"
+

group_vars/all/main.yml

@@ -2,7 +2,6 @@
 
 ansible_managed: >
   *** ANSIBLE MANAGED FILE - DO NOT EDIT ***
-  This file was generated by {{ ansible_user_id }} on {{ ansible_date_time.iso8601 }}
 
 
 ansible_python_interpreter: /usr/bin/python3
@@ -785,7 +784,6 @@ apt_initial_install_trixie:
   - patchutils
   - perl
   - perl-doc
-  - perl-modules
   - psmisc
   - quota
   - quotatool
@@ -824,6 +822,9 @@ apt_initial_install_trixie:
   - zip
   - zsh
 
+  #- perl-modules
+
+
 apt_initial_install_xenial:
   - apt-transport-https
   - dbus

roles/common/tasks/apt.yml

@@ -2,7 +2,7 @@
 
 - name: (apt.yml) update configuration file - /etc/apt/sources.list
   template:
-    src: "etc/apt/sources.list.{{ ansible_distribution }}.j2"
+    src: "etc/apt/sources.list.{{ ansible_facts['distribution'] }}.j2"
     dest: /etc/apt/sources.list
     owner: root
     group: root
@@ -11,6 +11,7 @@
   when:
     - ansible_facts['distribution'] == "Debian"
     - apt_manage_sources_list|bool
+    - (ansible_facts['distribution_major_version'] | int) < 13
   tags:
     - apt-configuration
 
@@ -167,7 +168,7 @@
   apt:
     name: "{{ microcode_intel_package }}"
     state: present
-    default_release: "{{ ansible_distribution_release }}-backports"
+    default_release: "{{ ansible_facts['distribution_release'] }}-backports"
   when:
     - apt_backports_enable
     - ansible_facts['distribution'] == "Debian"
@@ -182,7 +183,7 @@
   apt:
     name: "{{ microcode_intel_package }}"
     state: present
-    default_release: "{{ ansible_distribution_release }}"
+    default_release: "{{ ansible_facts['distribution_release'] }}"
   when:
     - apt_debian_contrib_nonfree_enable
     - ansible_facts['distribution'] == "Debian"
@@ -197,7 +198,7 @@
   apt:
     name: "{{ microcode_amd_package }}"
     state: present
-    default_release: "{{ ansible_distribution_release }}"
+    default_release: "{{ ansible_facts['distribution_release'] }}"
   when:
     - apt_debian_contrib_nonfree_enable
     - ansible_facts['distribution'] == "Debian"
@@ -212,7 +213,7 @@
   apt:
     name: "{{ microcode_intel_package }}"
     state: present
-    default_release: "{{ ansible_distribution_release }}"
+    default_release: "{{ ansible_facts['distribution_release'] }}"
   when:
     - ansible_facts['distribution'] == "Ubuntu"
     - ansible_facts['distribution_release'] == "bionic"
@@ -226,7 +227,7 @@
   apt:
     name: "{{ microcode_amd_package }}"
     state: present
-    default_release: "{{ ansible_distribution_release }}"
+    default_release: "{{ ansible_facts['distribution_release'] }}"
   when:
     - apt_debian_contrib_nonfree_enable
     - ansible_facts['distribution'] == "Ubuntu"
@@ -241,7 +242,7 @@
   apt:
     name: "{{ microcode_intel_package }}"
     state: present
-    default_release: "{{ ansible_distribution_release }}"
+    default_release: "{{ ansible_facts['distribution_release'] }}"
   when:
     - ansible_facts['distribution'] == "Ubuntu"
     - ansible_facts['distribution_release'] == "xenial"
@@ -255,7 +256,7 @@
   apt:
     name: "{{ microcode_amd_package }}"
     state: present
-    default_release: "{{ ansible_distribution_release }}"
+    default_release: "{{ ansible_facts['distribution_release'] }}"
   when:
     - apt_debian_contrib_nonfree_enable
     - ansible_facts['distribution'] == "Ubuntu"
@@ -270,7 +271,7 @@
   apt:
     name: "{{ microcode_intel_package }}"
     state: present
-    default_release: "{{ ansible_distribution_release }}"
+    default_release: "{{ ansible_facts['distribution_release'] }}"
   when:
     - ansible_facts['distribution'] == "Ubuntu"
     - ansible_facts['distribution_release'] == "jammy" or ansible_facts['distribution_release'] == "noble"
@@ -284,7 +285,7 @@
   apt:
     name: "{{ microcode_amd_package }}"
     state: present
-    default_release: "{{ ansible_distribution_release }}"
+    default_release: "{{ ansible_facts['distribution_release'] }}"
   when:
     - apt_debian_contrib_nonfree_enable
     - ansible_facts['distribution'] == "Ubuntu"
@@ -302,7 +303,7 @@
   apt:
      name: "{{ firmware_packages_ubuntu }}"
      state: present
-     default_release: "{{ ansible_distribution_release }}"
+     default_release: "{{ ansible_facts['distribution_release'] }}"
   when:
     - ansible_facts['distribution'] == "Ubuntu"
   tags:
@@ -314,7 +315,7 @@
   apt:
      name: "{{ firmware_packages_debian }}"
      state: present
-     default_release: "{{ ansible_distribution_release }}"
+     default_release: "{{ ansible_facts['distribution_release'] }}"
   when:
     - ansible_facts['distribution'] == "Debian"
   tags:
@@ -326,7 +327,7 @@
   apt:
      name: "{{ firmware_non_free_packages_debian }}"
      state: present
-     default_release: "{{ ansible_distribution_release }}"
+     default_release: "{{ ansible_facts['distribution_release'] }}"
   when:
     - ansible_facts['distribution'] == "Debian"
     - apt_debian_contrib_nonfree_enable

roles/common/tasks/main.yml

@@ -238,7 +238,7 @@
 - name: "For OS: Ubuntu 16.04LTS, Arch: amd64"
   import_tasks: ubuntu-x11vnc-1604-amd64.yml
   when:
-    - ansible_distribution_version ==  "16.04"
+    - ansible_facts["distribution_version"] ==  "16.04"
     - ansible_architecture == "x86_64"
   tags:
     - x11vnc
@@ -249,7 +249,7 @@
 - name: "For OS: Ubuntu 18.04LTS, Arch: amd64"
   import_tasks: ubuntu-x11vnc-1804-amd64.yml
   when:
-    - ansible_distribution_version ==  "18.04"
+    - ansible_facts["distribution_version"] ==  "18.04"
     - ansible_architecture == "x86_64"
   tags:
     - x11vnc
@@ -260,7 +260,7 @@
 - name: "For OS: Ubuntu 20.04LTS, Arch: amd64"
   import_tasks: ubuntu-x11vnc-2004-amd64.yml
   when:
-    - ansible_distribution_version ==  "20.04"
+    - ansible_facts["distribution_version"] ==  "20.04"
     - ansible_architecture == "x86_64"
   tags:
     - x11vnc
@@ -271,7 +271,7 @@
 - name: "For OS: Ubuntu 22.04LTS, Arch: amd64"
   import_tasks: ubuntu-x11vnc-2204-amd64.yml
   when:
-    - ansible_distribution_version ==  "22.04"
+    - ansible_facts["distribution_version"] ==  "22.04"
     - ansible_architecture == "x86_64"
   tags:
     - x11vnc

roles/common/tasks/nfs.yml

@@ -11,8 +11,8 @@
       - nfs-kernel-server
     state: present
   when:
-    - ansible_os_family == "Debian"
-    - "groups['nfs_server']|string is search(inventory_hostname)"
+    - ansible_facts['os_family'] == "Debian"
+    - inventory_hostname in groups['nfs_server']
   tags:
     - nfs-server
 
@@ -27,7 +27,7 @@
   loop_control:
     label: '{{ item.path }}'
   when:
-    - "groups['nfs_server']|string is search(inventory_hostname)"
+    - inventory_hostname in groups['nfs_server']
   tags:
     - nfs-server
 
@@ -39,7 +39,7 @@
     group: root
     mode: 0644
   when:
-    - "groups['nfs_server']|string is search(inventory_hostname)"
+    - inventory_hostname in groups['nfs_server']
   notify: Reload nfs
   tags:
     - nfs-server
@@ -50,14 +50,14 @@
     enabled: yes
     masked: no
   when:
-    - "groups['nfs_server']|string is search(inventory_hostname)"
+    - inventory_hostname in groups['nfs_server']
 
 - name: Make sure service rpc-statd is running
   systemd:
     state: started
     name: rpc-statd
   when:
-    - "groups['nfs_server']|string is search(inventory_hostname)"
+    - inventory_hostname in groups['nfs_server']
   tags:
     - nfs-server
 
@@ -70,14 +70,14 @@
     path: /etc/default/nfs-kernel-server
   register: default_nfs_kernel_server_exists
   when:
-    - "groups['nfs_server']|string is search(inventory_hostname)"
+    - inventory_hostname in groups['nfs_server']
   tags:
     - nfs-server
 
 - name: (nfs.yml) Backup existing file /etc/default/nfs-kernel-server
   command: cp -a /etc/default/nfs-kernel-server /etc/default/nfs-kernel-server.ORIG
   when:
-    - "groups['nfs_server']|string is search(inventory_hostname)"
+    - inventory_hostname in groups['nfs_server']
     - default_nfs_kernel_server_exists.stat.exists == False
   tags:
     - nfs-server
@@ -88,7 +88,7 @@
     regexp: '^RPCNFSDCOUNT=.*'
     replace: "RPCNFSDCOUNT={{ nfs_start_servers | default('16') }}"
   when:
-    - "groups['nfs_server']|string is search(inventory_hostname)"
+    - inventory_hostname in groups['nfs_server']
   tags:
     - nfs-server
 
@@ -132,8 +132,8 @@
     pkg: nfs-common
     state: present
   when: 
-    - ansible_os_family == "Debian"
-    - "groups['nfs_client']|string is search(inventory_hostname)"
+    - ansible_facts['os_family'] == "Debian"
+    - inventory_hostname in groups['nfs_client']
   tags:
     - nfs-client
 
@@ -150,7 +150,7 @@
   loop_control:
     label: '{{ item.src }}'
   when:
-    - "groups['nfs_client']|string is search(inventory_hostname)"
+    - inventory_hostname in groups['nfs_client']
   tags:
     - nfs-client
 

roles/common/tasks/nis-install-server.yml

@@ -71,7 +71,7 @@
     - presence_of_passwprd_hashing_yescrypt.rc >= 2
   when:
     - ansible_facts['distribution'] == "Debian"
-    - ansible_distribution_major_version|int >= 11
+    - ansible_facts['distribution_major_version']|int >= 11
     - file_etc_pam_d_common_password.stat.exists == True
 
     #- ansible_distribution_major_version|int <= 12

roles/common/tasks/nis-user.yml

@@ -61,7 +61,8 @@
   loop_control:
     label: '{{ item.name }}'
   when:
-    - item.name not in getent_passwd
+    - ansible_facts.getent_passwd is defined
+    - item.name not in ansible_facts.getent_passwd
   notify: Renew nis databases
   tags:
     - nis-user

roles/common/tasks/ntp.yml

@@ -10,7 +10,7 @@
       - ntpsec
     state: present
   when:
-    - ansible_os_family == "Debian"
+    - ansible_facts.os_family == "Debian"
     - groups['file_server']|string is search(inventory_hostname)
   tags:
     - ntp-server
@@ -33,7 +33,7 @@
     group: ntpsec
     mode: '0755'
   when:
-    - ansible_distribution == "Debian"
+    - ansible_facts.distribution == "Debian"
 
 
 - name: (ntp.yml) Backup installation version of file '/etc/ntpsec/ntp.conf'

roles/common/tasks/system-user.yml

@@ -57,7 +57,8 @@
   loop_control:
     label: '{{ item.name }}'
   when:
-    - item.name not in getent_passwd
+    - ansible_facts.getent_passwd is defined
+    - item.name not in ansible_facts.getent_passwd
   notify: Renew nis databases
   tags:
     - system-user

roles/common/templates/etc/apt/sources.list.Debian.j2

@@ -1,57 +1,57 @@
 # {{ ansible_managed }}
 
-deb {{ apt_debian_mirror }} {{ ansible_lsb.codename }} main
-{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_lsb.codename }} main
+deb {{ apt_debian_mirror }} {{ ansible_facts['lsb']['codename'] }} main
+{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_facts['lsb']['codename'] }} main
 
 {% if ansible_facts['distribution_major_version'] | int >= 12 %}
-deb http://security.debian.org/debian-security {{ ansible_lsb.codename }}-security main contrib non-free non-free-firmware
+deb http://security.debian.org/debian-security {{ ansible_facts['lsb']['codename'] }}-security main contrib non-free non-free-firmware
 {% elif ansible_facts['distribution_major_version'] | int == 11 %}
-deb http://security.debian.org/debian-security {{ ansible_lsb.codename }}-security main contrib non-free
+deb http://security.debian.org/debian-security {{ ansible_facts['lsb']['codename'] }}-security main contrib non-free
 {% else %}
-deb http://security.debian.org/ {{ ansible_lsb.codename }}/updates main contrib non-free
+deb http://security.debian.org/ {{ ansible_facts['lsb']['codename'] }}/updates main contrib non-free
 {% endif %}
 {% if not apt_src_enable %}
 {% if ansible_facts['distribution_major_version'] | int >= 12 %}
-#deb-src http://security.debian.org/debian-security {{ ansible_lsb.codename }}-security main contrib non-free non-free-firmware
+#deb-src http://security.debian.org/debian-security {{ ansible_facts['lsb']['codename'] }}-security main contrib non-free non-free-firmware
 {% elif ansible_facts['distribution_major_version'] | int == 11 %}
-#deb-src http://security.debian.org/debian-security {{ ansible_lsb.codename }}-security main contrib non-free
+#deb-src http://security.debian.org/debian-security {{ ansible_facts['lsb']['codename'] }}-security main contrib non-free
 {% else %}
-#deb-src http://security.debian.org/ {{ ansible_lsb.codename }}/updates main contrib non-free
+#deb-src http://security.debian.org/ {{ ansible_facts['lsb']['codename'] }}/updates main contrib non-free
 {% endif %}
 {% else %}
 {% if ansible_facts['distribution_major_version'] | int >= 12 %}
-deb-src http://security.debian.org/debian-security {{ ansible_lsb.codename }}-security main contrib non-free non-free-firmware
+deb-src http://security.debian.org/debian-security {{ ansible_facts['lsb']['codename'] }}-security main contrib non-free non-free-firmware
 {% elif ansible_facts['distribution_major_version'] | int == 11 %}
-deb-src http://security.debian.org/debian-security {{ ansible_lsb.codename }}-security main contrib non-free
+deb-src http://security.debian.org/debian-security {{ ansible_facts['lsb']['codename'] }}-security main contrib non-free
 {% else %}
-deb-src http://security.debian.org/ {{ ansible_lsb.codename }}/updates main contrib non-free
+deb-src http://security.debian.org/ {{ ansible_facts['lsb']['codename'] }}/updates main contrib non-free
 {% endif %}
 {% endif %}
 
-# {{ ansible_lsb.codename }}-updates, previously known as 'volatile'
-deb {{ apt_debian_mirror }} {{ ansible_lsb.codename }}-updates main
-{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_lsb.codename }}-updates main
+# {{ ansible_facts['lsb']['codename'] }}-updates, previously known as 'volatile'
+deb {{ apt_debian_mirror }} {{ ansible_facts['lsb']['codename'] }}-updates main
+{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_facts['lsb']['codename'] }}-updates main
 
 # Contrib packages contain DFSG-compliant software,
 # but have dependencies not in main (possibly packaged for Debian in non-free).
 # Non-free contains software that does not comply with the DFSG.
 {% if apt_debian_contrib_nonfree_enable %}
 {% if ansible_facts['distribution_major_version'] | int >= 12 %}
-deb {{ apt_debian_mirror }} {{ ansible_lsb.codename }} contrib non-free non-free-firmware
-{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_lsb.codename }} contrib non-free non-free-firmware
+deb {{ apt_debian_mirror }} {{ ansible_facts['lsb']['codename'] }} contrib non-free non-free-firmware
+{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_facts['lsb']['codename'] }} contrib non-free non-free-firmware
 {% else %}
-deb {{ apt_debian_mirror }} {{ ansible_lsb.codename }} contrib non-free
-{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_lsb.codename }} contrib non-free
+deb {{ apt_debian_mirror }} {{ ansible_facts['lsb']['codename'] }} contrib non-free
+{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_facts['lsb']['codename'] }} contrib non-free
 {% endif %}
 {% endif %}
 
 {% if apt_debian_contrib_nonfree_enable %}
 {% if ansible_facts['distribution_major_version'] | int >= 12 %}
-deb {{ apt_debian_mirror }} {{ ansible_lsb.codename }}-updates contrib non-free non-free-firmware
-{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_lsb.codename }}-updates contrib non-free non-free-firmware
+deb {{ apt_debian_mirror }} {{ ansible_facts['lsb']['codename'] }}-updates contrib non-free non-free-firmware
+{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_facts['lsb']['codename'] }}-updates contrib non-free non-free-firmware
 {% else %}
-deb {{ apt_debian_mirror }} {{ ansible_lsb.codename }}-updates contrib non-free
-{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_lsb.codename }}-updates contrib non-free
+deb {{ apt_debian_mirror }} {{ ansible_facts['lsb']['codename'] }}-updates contrib non-free
+{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_facts['lsb']['codename'] }}-updates contrib non-free
 {% endif %}
 {% endif %}
 
@@ -60,11 +60,11 @@ deb {{ apt_debian_mirror }} {{ ansible_lsb.codename }}-updates contrib non-free
 # # newer versions of some applications which may provide useful features.
 {% if apt_backports_enable %}
 {% if ansible_facts['distribution_major_version'] | int >= 12 %}
-deb {{ apt_debian_mirror }} {{ ansible_distribution_release }}-backports main contrib non-free non-free-firmware
-{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_distribution_release }}-backports main contrib non-free non-free-firmware
+deb {{ apt_debian_mirror }} {{ ansible_facts['distribution_release'] }}-backports main contrib non-free non-free-firmware
+{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_facts['distribution_release'] }}-backports main contrib non-free non-free-firmware
 {% else %}
-deb {{ apt_debian_mirror }} {{ ansible_distribution_release }}-backports main contrib non-free
-{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_distribution_release }}-backports main contrib non-free
+deb {{ apt_debian_mirror }} {{ ansible_facts['distribution_release'] }}-backports main contrib non-free
+{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_facts['distribution_release'] }}-backports main contrib non-free
 {% endif %}
 {% endif %}
 

roles/common/templates/etc/sudoers.d/50-user.server.j2

@@ -32,7 +32,7 @@ back {{ item }}
 {% endfor -%}
 
 
-{%- if ansible_virtualization_role == 'host' %}
+{%- if ansible_facts.virtualization_role == 'host' %}
 
 {% for item in sudoers_server_file_user_back_disk_privileges | default([]) %}
 back {{ item }}

templates/apt-migrate-to-trixie/99-backports.j2

@@ -0,0 +1,4 @@
+# Backports nicht automatisch bevorzugen
+Package: *
+Pin: release n={{ target_release }}-backports
+Pin-Priority: {{ backports_pin_priority }}

templates/apt-migrate-to-trixie/backports.sources.j2

@@ -0,0 +1,8 @@
+# Verwaltet via Ansible - Backports für {{ target_release }}
+Types: deb deb-src
+URIs: {{ debian_mirror }}
+Suites: {{ target_release }}-backports
+Components: {{ components }}
+{% if use_signed_by %}
+Signed-By: {{ signed_by_keyring }}
+{% endif %}

templates/apt-migrate-to-trixie/debian.sources.j2

@@ -0,0 +1,15 @@
+# Verwaltet via Ansible - Debian Basis & Updates für {{ target_release }}
+Types: deb deb-src
+URIs: {{ debian_mirror }}
+Suites: {{ target_release }} {{ target_release }}-updates
+Components: {{ components }}
+Signed-By: default
+EOF
+# Verwaltet via Ansible - Debian Basis & Updates für {{ target_release }}
+Types: deb deb-src
+URIs: {{ debian_mirror }}
+Suites: {{ target_release }} {{ target_release }}-updates
+Components: {{ components }}
+{% if use_signed_by %}
+Signed-By: {{ signed_by_keyring }}
+{% endif %}

templates/apt-migrate-to-trixie/security.sources.j2

@@ -0,0 +1,8 @@
+# Verwaltet via Ansible - Security für {{ target_release }}
+Types: deb deb-src
+URIs: {{ security_mirror }}
+Suites: {{ target_release }}-security
+Components: {{ components }}
+{% if use_signed_by %}
+Signed-By: {{ signed_by_keyring }}
+{% endif %}