diff --git a/ansible-dependencies-trixie-sudo.yml b/ansible-dependencies-trixie-sudo.yml index f392ec3..b7cde38 100644 --- a/ansible-dependencies-trixie-sudo.yml +++ b/ansible-dependencies-trixie-sudo.yml @@ -1,8 +1,9 @@ --- - -- hosts: initial_setup +- name: Bootstrap & Abhängigkeiten für Ansible auf Debian/Trixie + hosts: all + become: true gather_facts: false roles: - - ansible_dependencies-trixie - - ansible_user_debian + - role: ansible_dependencies-trixie + - role: ansible_user_debian diff --git a/ansible-dependencies-trixie-sudo.yml.00 b/ansible-dependencies-trixie-sudo.yml.00 new file mode 100644 index 0000000..f392ec3 --- /dev/null +++ b/ansible-dependencies-trixie-sudo.yml.00 @@ -0,0 +1,8 @@ +--- + +- hosts: initial_setup + gather_facts: false + + roles: + - ansible_dependencies-trixie + - ansible_user_debian diff --git a/ansible-dependencies-trixie.yml b/ansible-dependencies-trixie.yml index 76a1637..6a800db 100644 --- a/ansible-dependencies-trixie.yml +++ b/ansible-dependencies-trixie.yml @@ -1,6 +1,6 @@ --- -- hosts: initial_setup +- hosts: Bootstrap & Abhängigkeiten für Ansible auf Debian/Trixie remote_user: root become: false gather_facts: false diff --git a/roles/ansible_dependencies-trixie/tasks/main.yml b/roles/ansible_dependencies-trixie/tasks/main.yml index 0ef6a17..5c3510a 100644 --- a/roles/ansible_dependencies-trixie/tasks/main.yml +++ b/roles/ansible_dependencies-trixie/tasks/main.yml @@ -1,47 +1,68 @@ --- -- name: re-synchronize the package index files from their sources - raw: apt-get update - -- name: Ensure aptitude is present - raw: test -e /usr/bin/aptitude || apt-get install aptitude -y +- name: Ensure python3 and python3-apt are present (bootstrap) + ansible.builtin.raw: | + test -x /usr/bin/python3 && dpkg -s python3-apt >/dev/null 2>&1 \ + || (apt-get update -y && apt-get install -y python3 python3-apt) + changed_when: false -- name: Ensure python3 is present (This is necessary for ansible to work properly) - raw: test -e /usr/bin/python3 || (apt -y update && apt install -y python3) -- name: Ensure python-is-python3 is present (This is necessary for ansible to work properly) - raw: test -e /usr/bin/python3 && (apt -y update && apt install -y python-is-python3) +# Ab dem Zeitpunkt in dem Python auf dem Zielsystem vorhanden ist, +# kann Ansible wieder normale Module (wie apt, file, service, copy, usw.) benutzen. +# +# Aber: +# Da gather_facts: false gesetzt war, hat Ansible bis hierher keine Systeminformationen (Facts) wie: +# +# ansible_distribution +# +# ansible_fqdn +# +# ansible_memtotal_mb +# +# ansible_interfaces +# +# etc. +# eingesammelt. +# +# Rufe das 'setup'-Modul manuell auf mit: +# +# - name: Enable facts now that Python exists +# ansible.builtin.setup: +# +# Damit holt Ansible nachträglich die Facts, jetzt, wo Python verfügbar ist. +# +- name: Enable facts now that Python exists + ansible.builtin.setup: -- name: Ensure python-apt-common is present (This is necessary for ansible to work properly) - raw: test -e /usr/bin/python && (apt -y update && apt install -y python-apt-common) -- name: Ensure python-apt is present (This is necessary for ansible to work properly) - raw: test -e /usr/bin/python3 || (apt -y update && apt install -y python3-apt) +- name: Ensure aptitude is present (optional) + ansible.builtin.raw: | + test -x /usr/bin/aptitude || (apt-get update -y && apt-get install -y aptitude) + changed_when: false + when: (aptitude_needed | default(false)) | bool -- name: dpkg --configure -a - command: > - dpkg --configure -a - args: - warn: false - changed_when: _dpkg_configure.stdout_lines | length - register: _dpkg_configure - when: apt_dpkg_configure|bool - tags: - - ansible-dependencies - -- name: apt upgrade - apt: - upgrade: "{{ apt_upgrade_type }}" +- name: Update apt cache + ansible.builtin.apt: update_cache: true - dpkg_options: "{{ apt_upgrade_dpkg_options | join(',') }}" - when: apt_upgrade|bool - tags: - - ansible-dependencies + cache_valid_time: "{{ apt_update_cache_valid_time | default(3600) }}" -- name: apt install ansible dependencies - apt: - name: "{{ apt_ansible_dependencies_trixie }}" - state: "{{ apt_install_state }}" - tags: - - ansible-dependencies +- name: Fix half-configured packages (dpkg --configure -a) + ansible.builtin.command: dpkg --configure -a + register: dpkg_config + changed_when: (dpkg_config.stdout | default('')) | length > 0 + when: (apt_dpkg_configure | default(true)) | bool + tags: [ansible-dependencies] +- name: Upgrade packages + ansible.builtin.apt: + upgrade: "{{ apt_upgrade_type | default('safe') }}" + update_cache: true + dpkg_options: "{{ (apt_upgrade_dpkg_options | default(['force-confdef','force-confold'])) | join(',') }}" + when: (apt_upgrade | default(false)) | bool + tags: [ansible-dependencies] + +- name: Install Ansible dependencies + ansible.builtin.apt: + name: "{{ apt_ansible_dependencies_trixie | default(['python3','python3-apt']) }}" + state: "{{ apt_install_state | default('present') }}" + tags: [ansible-dependencies] diff --git a/roles/ansible_dependencies-trixie/tasks/main.yml.01 b/roles/ansible_dependencies-trixie/tasks/main.yml.01 new file mode 100644 index 0000000..2d9f26a --- /dev/null +++ b/roles/ansible_dependencies-trixie/tasks/main.yml.01 @@ -0,0 +1,68 @@ +--- + +- name: Ensure python3 and python3-apt are present (bootstrap) + ansible.builtin.raw: | + test -x /usr/bin/python3 && dpkg -s python3-apt >/dev/null 2>&1 \ + || (apt-get update -y && apt-get install -y python3 python3-apt) + changed_when: false + + +# Ab dem Zeitpunkt in dem Python auf dem Zielsystem vorhanden ist, +# kann Ansible wieder normale Module (wie apt, file, service, copy, usw.) benutzen. +# +# Aber: +# Da gather_facts: false gesetzt war, hat Ansible bis hierher keine Systeminformationen (Facts) wie: +# +# ansible_distribution +# +# ansible_fqdn +# +# ansible_memtotal_mb +# +# ansible_interfaces +# +# etc. +# eingesammelt. +# +# Rufe das 'setup'-Modul manuell auf mit: +# +# - name: Enable facts now that Python exists +# ansible.builtin.setup: +# +# Damit holt Ansible nachträglich die Facts, jetzt, wo Python verfügbar ist. +# +- name: Enable facts now that Python exists + ansible.builtin.setup: + + +- name: Ensure aptitude is present (optional) + ansible.builtin.raw: | + test -x /usr/bin/aptitude || (apt-get update -y && apt-get install -y aptitude) + changed_when: false + when: (aptitude_needed | default(false)) | bool + +- name: Update apt cache + ansible.builtin.apt: + update_cache: true + cache_valid_time: "{{ apt_update_cache_valid_time | default(3600) }}" + +- name: Fix half-configured packages (dpkg --configure -a) + ansible.builtin.command: dpkg --configure -a + register: dpkg_config + changed_when: (dpkg_config.stdout | default('')) | length > 0 + when: (apt_dpkg_configure | default(true)) | bool + tags: [ansible-dependencies] + +- name: Upgrade packages + ansible.builtin.apt: + upgrade: "{{ apt_upgrade_type | default('safe') }}" + update_cache: true + dpkg_options: "{{ (apt_upgrade_dpkg_options | default(['force-confdef','force-confold'])) | join(',') }}" + when: (apt_upgrade | default(false)) | bool + tags: [ansible-dependencies] + +- name: Install Ansible dependencies + ansible.builtin.apt: + name: "{{ apt_ansible_dependencies_trixie | default(['python3','python3-apt']) }}" + state: "{{ apt_install_state | default('present') }}" + tags: [ansible-dependencies] diff --git a/roles/ansible_dependencies-trixie/tasks/main.yml.02 b/roles/ansible_dependencies-trixie/tasks/main.yml.02 new file mode 100644 index 0000000..2d462b0 --- /dev/null +++ b/roles/ansible_dependencies-trixie/tasks/main.yml.02 @@ -0,0 +1,72 @@ +--- + +# --- Nur fürs Bootstrap, damit Python für Ansible verfügbar ist --- +- name: Ensure python3 and python3-apt are present (bootstrap) + ansible.builtin.raw: | + test -x /usr/bin/python3 || (apt-get -y update && apt-get install -y python3) + test -x /usr/bin/python3 && (apt-get -y update && apt-get install -y python3-apt) + changed_when: false + + +# Ab dem Zeitpunkt in dem Python auf dem Zielsystem vorhanden ist, +# kann Ansible wieder normale Module (wie apt, file, service, copy, usw.) benutzen. +# +# Aber: +# Da gather_facts: false gesetzt war, hat Ansible bis hierher keine Systeminformationen (Facts) wie: +# +# ansible_distribution +# +# ansible_fqdn +# +# ansible_memtotal_mb +# +# ansible_interfaces +# +# etc. +# eingesammelt. +# +# Rufe das 'setup'-Modul manuell auf mit: +# +# - name: Enable facts now that Python exists +# ansible.builtin.setup: +# +# Damit holt Ansible nachträglich die Facts, jetzt, wo Python verfügbar ist. +# +- name: Enable facts now that Python exists + ansible.builtin.setup: + +# --- Ab hier normale Module verwenden --- +- name: Update APT cache + ansible.builtin.apt: + update_cache: true + cache_valid_time: "{{ apt_update_cache_valid_time | default(3600) }}" + tags: [ansible-dependencies] + +- name: Ensure aptitude is present + ansible.builtin.apt: + name: aptitude + state: present + tags: [ansible-dependencies] + +- name: dpkg --configure -a + ansible.builtin.command: dpkg --configure -a + register: dpkg_out + # "changed" nur, wenn es wirklich etwas ausgibt/konfiguriert + changed_when: dpkg_out.stdout is defined and dpkg_out.stdout | length > 0 + when: apt_dpkg_configure | bool + tags: [ansible-dependencies] + +- name: apt upgrade + ansible.builtin.apt: + upgrade: "{{ apt_upgrade_type }}" + update_cache: true + dpkg_options: "{{ apt_upgrade_dpkg_options | join(',') }}" + when: apt_upgrade | bool + tags: [ansible-dependencies] + +- name: apt install ansible dependencies + ansible.builtin.apt: + name: "{{ apt_ansible_dependencies_trixie }}" + state: "{{ apt_install_state }}" + tags: [ansible-dependencies] +