ilia
b424e9b55b
- Introduce checks for existing GPG keys and repositories for Docker, NodeSource, and Tailscale to ensure correct configurations before installation. - Implement conditional removal of incorrect keys and repositories to maintain a clean setup. - Update Makefile to include a command for editing group vault variables. These changes enhance package management reliability and streamline the installation process across different roles.
45 lines
1.4 KiB
YAML
45 lines
1.4 KiB
YAML
---
|
|
- name: Check if Docker GPG key exists and is correct
|
|
ansible.builtin.shell: |
|
|
if [ -f /etc/apt/keyrings/docker.gpg ]; then
|
|
if file /etc/apt/keyrings/docker.gpg | grep -q "PGP"; then
|
|
echo "correct_key"
|
|
else
|
|
echo "wrong_key"
|
|
fi
|
|
else
|
|
echo "not_exists"
|
|
fi
|
|
register: docker_key_check
|
|
failed_when: false
|
|
|
|
- name: Remove incorrect Docker GPG key
|
|
ansible.builtin.file:
|
|
path: /etc/apt/keyrings/docker.gpg
|
|
state: absent
|
|
become: true
|
|
when: docker_key_check.stdout == "wrong_key"
|
|
|
|
- name: Download Docker's official GPG key only if needed
|
|
ansible.builtin.get_url:
|
|
url: https://download.docker.com/linux/ubuntu/gpg
|
|
dest: /tmp/docker.gpg
|
|
mode: '0644'
|
|
when: docker_key_check.stdout in ["not_exists", "wrong_key"]
|
|
|
|
- name: Convert and install Docker GPG key only if needed
|
|
ansible.builtin.shell: gpg --dearmor < /tmp/docker.gpg > /etc/apt/keyrings/docker.gpg
|
|
changed_when: false
|
|
when: docker_key_check.stdout in ["not_exists", "wrong_key"]
|
|
|
|
- name: Set permissions on Docker GPG key only if needed
|
|
ansible.builtin.file:
|
|
path: /etc/apt/keyrings/docker.gpg
|
|
mode: '0644'
|
|
when: docker_key_check.stdout in ["not_exists", "wrong_key"]
|
|
|
|
- name: Clean up temporary GPG key file
|
|
ansible.builtin.file:
|
|
path: /tmp/docker.gpg
|
|
state: absent
|
|
when: docker_key_check.stdout in ["not_exists", "wrong_key"] |