Add tasks to manage repository files and ensure directory permissions

- Clean up duplicate Brave repository files in applications role. - Ensure Ansible remote_tmp directory exists with correct permissions in base role. - Remove existing NodeSource repository files and create keyrings directory in development role. These changes improve package management and maintain a clean repository setup across roles.
2025-09-09 22:46:31 -04:00 · 2025-09-09 22:46:31 -04:00 · c5ae3af9ac
commit c5ae3af9ac
parent cd12b02147
3 changed files with 40 additions and 9 deletions
--- a/roles/applications/tasks/main.yml
+++ b/roles/applications/tasks/main.yml
@ -16,6 +16,16 @@
    applications_desktop_apps_needed: "{{ ['redshift', 'libreoffice', 'evince'] | difference(ansible_facts.packages.keys()) | length > 0 }}"
    applications_brave_needs_install: "{{ applications_brave_check.rc != 0 or 'brave-browser' not in ansible_facts.packages }}"

+- name: Clean up duplicate Brave repository files
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: absent
+  loop:
+    - /etc/apt/sources.list.d/brave-browser.list
+    - /etc/apt/sources.list.d/brave-browser-release.sources
+  become: true
+  failed_when: false
+
 - name: Install desktop applications
  ansible.builtin.apt:
    name:
@ -28,14 +38,6 @@
 - name: Brave browser installation
  when: applications_brave_needs_install
  block:
-    - name: Remove old Brave repository files
-      ansible.builtin.file:
-        path: "{{ item }}"
-        state: absent
-      loop:
-        - /etc/apt/sources.list.d/brave-browser.list
-        - /etc/apt/sources.list.d/brave-browser-release.sources
-
    - name: Download Brave APT key
      ansible.builtin.get_url:
        url: https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@ -1,4 +1,13 @@
 ---
+- name: Ensure Ansible remote_tmp directory exists with correct permissions
+  ansible.builtin.file:
+    path: /root/.ansible/tmp
+    state: directory
+    mode: '0755'
+    owner: root
+    group: root
+  become: true
+
 - name: Install base system packages
  ansible.builtin.apt:
    name:
--- a/roles/development/tasks/main.yml
+++ b/roles/development/tasks/main.yml
@ -17,11 +17,31 @@
  failed_when: false
  changed_when: false

+- name: Remove existing NodeSource repository files
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: absent
+  loop:
+    - /etc/apt/sources.list.d/nodesource.list
+    - /etc/apt/sources.list.d/nodesource.list.save
+  become: true
+  failed_when: false
+  when: node_version_check.rc != 0 or not node_version_check.stdout.startswith('v2')
+
+- name: Create keyrings directory
+  ansible.builtin.file:
+    path: /etc/apt/keyrings
+    state: directory
+    mode: '0755'
+  become: true
+  when: node_version_check.rc != 0 or not node_version_check.stdout.startswith('v2')
+
 - name: Add NodeSource GPG key
  ansible.builtin.get_url:
    url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key
    dest: /etc/apt/keyrings/nodesource.asc
    mode: '0644'
+    force: true
  become: true
  when: node_version_check.rc != 0 or not node_version_check.stdout.startswith('v2')

@ -29,7 +49,7 @@
  ansible.builtin.apt_repository:
    repo: "deb [signed-by=/etc/apt/keyrings/nodesource.asc] https://deb.nodesource.com/node_22.x nodistro main"
    state: present
-    update_cache: true
+    update_cache: false
  become: true
  when: node_version_check.rc != 0 or not node_version_check.stdout.startswith('v2')