More changes.

This commit is contained in:
Dag Wieers 2017-08-31 12:11:16 +02:00
parent f2c0969d27
commit 1c140cd90d

View file

@ -1,117 +1,104 @@
#!/usr/bin/python #!/usr/bin/python
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# (c) 2012, Michael DeHaan <michael.dehaan@gmail.com> # Copyright: (c) 2012, Michael DeHaan <michael.dehaan@gmail.com>
# (c) 2012, Jayson Vantuyl <jayson@aggressive.ly> # Copyright: (c) 2012, Jayson Vantuyl <jayson@aggressive.ly>
#
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function from __future__ import absolute_import, division, print_function
__metaclass__ = type __metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1', ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'], 'status': ['preview'],
'supported_by': 'core'} 'supported_by': 'core'}
DOCUMENTATION = ''' DOCUMENTATION = '''
--- ---
module: apt_key module: apt_key
author: "Jayson Vantuyl & others (@jvantuyl)" author:
- Jayson Vantuyl (@jvantuyl)
version_added: "1.0" version_added: "1.0"
short_description: Add or remove an apt key short_description: Add or remove an apt key
description: description:
- Add or remove an I(apt) key, optionally downloading it - Add or remove an I(apt) key, optionally downloading it.
notes: notes:
- doesn't download the key unless it really needs it - doesn't download the key unless it really needs it
- as a sanity check, downloaded key id must match the one specified - as a sanity check, downloaded key id must match the one specified
- best practice is to specify the key id and the url - best practice is to specify the key id and the url
options: options:
id: id:
required: false
default: none
description: description:
- identifier of key. Including this allows check mode to correctly report the changed state. Required when C(state) is set to C(absent). - The identifier of the key.
- "If specifying a subkey's id be aware that apt-key does not understand how to remove keys via a subkey id. Specify the primary key's id instead." - Including this allows check mode to correctly report the changed state.
- If specifying a subkey's id be aware that apt-key does not understand how to remove keys via a subkey id. Specify the primary key's id instead.
- This parameter is required when C(state) is set to C(absent).
data: data:
required: false
default: none
description: description:
- keyfile contents to add to the keyring - The keyfile contents to add to the keyring.
file: file:
required: false
default: none
description: description:
- path to a keyfile on the remote server to add to the keyring - The path to a keyfile on the remote server to add to the keyring.
keyring: keyring:
required: false
default: none
description: description:
- path to specific keyring file in /etc/apt/trusted.gpg.d -The path to specific keyring file in /etc/apt/trusted.gpg.d/
version_added: "1.3" version_added: "1.3"
url: url:
required: false
default: none
description: description:
- url to retrieve key from. - The URL to retrieve key from.
keyserver: keyserver:
version_added: "1.6"
required: false
default: none
description: description:
- keyserver to retrieve key from. - The keyserver to retrieve key from.
version_added: "1.6"
state: state:
required: false description:
- Ensures that the key is present (added) or absent (revoked).
choices: [ absent, present ] choices: [ absent, present ]
default: present default: present
description:
- used to specify if key is being added or revoked
validate_certs: validate_certs:
description: description:
- If C(no), SSL certificates for the target url will not be validated. This should only be used - If C(no), SSL certificates for the target url will not be validated. This should only be used
on personally controlled sites using self-signed certificates. on personally controlled sites using self-signed certificates.
required: false type: bool
default: 'yes' default: 'yes'
choices: ['yes', 'no']
''' '''
EXAMPLES = ''' EXAMPLES = '''
# Add an apt key by id from a keyserver - name: Add an apt key by id from a keyserver
- apt_key: apt_key:
keyserver: keyserver.ubuntu.com keyserver: keyserver.ubuntu.com
id: 36A1D7869245C8950F966E92D8576A8BA88D21E9 id: 36A1D7869245C8950F966E92D8576A8BA88D21E9
# Add an Apt signing key, uses whichever key is at the URL - name: Add an Apt signing key, uses whichever key is at the URL
- apt_key: apt_key:
url: "https://ftp-master.debian.org/keys/archive-key-6.0.asc" url: https://ftp-master.debian.org/keys/archive-key-6.0.asc
state: present state: present
# Add an Apt signing key, will not download if present - name: Add an Apt signing key, will not download if present
- apt_key: apt_key:
id: 473041FA id: 473041FA
url: "https://ftp-master.debian.org/keys/archive-key-6.0.asc" url: https://ftp-master.debian.org/keys/archive-key-6.0.asc
state: present state: present
# Remove a Apt specific signing key, leading 0x is valid - name: Remove a Apt specific signing key, leading 0x is valid
- apt_key: apt_key:
id: 0x473041FA id: 0x473041FA
state: absent state: absent
# Add a key from a file on the Ansible server. Use armored file since utf-8 string is expected. Must be of "PGP PUBLIC KEY BLOCK" type. # Use armored file since utf-8 string is expected. Must be of "PGP PUBLIC KEY BLOCK" type.
- apt_key: - name: Add a key from a file on the Ansible server.
apt_key:
data: "{{ lookup('file', 'apt.asc') }}" data: "{{ lookup('file', 'apt.asc') }}"
state: present state: present
# Add an Apt signing key to a specific keyring file - name: Add an Apt signing key to a specific keyring file
- apt_key: apt_key:
id: 473041FA id: 473041FA
url: "https://ftp-master.debian.org/keys/archive-key-6.0.asc" url: https://ftp-master.debian.org/keys/archive-key-6.0.asc
keyring: /etc/apt/trusted.gpg.d/debian.gpg keyring: /etc/apt/trusted.gpg.d/debian.gpg
# Add Apt signing key on remote server to keyring - name: Add Apt signing key on remote server to keyring
- apt_key: apt_key:
id: 473041FA id: 473041FA
file: /tmp/apt.gpg file: /tmp/apt.gpg
state: present state: present