From 3a8d3260c4ed770f1631e4a51e6d90650959af03 Mon Sep 17 00:00:00 2001 From: Ties de Kock Date: Wed, 6 Feb 2019 20:56:06 +0100 Subject: [PATCH] feat(debian) enable module to work on debian (#6) * feat(debian) enable module to work on debian Add support for Debian based on the documentation in debian wiki and discussion in [0]. [0]: https://github.com/githubixx/ansible-role-wireguard/issues/5 * remove run_once for debian * Install kernel headers on debian There is no equivalent package of linux-headers-generic on debian. Package installation needs to specify the architecture (i.e. amd64), which is captured from dpkg output. * Only use include_tasks to differentiate distributions Before Archlinux was split out using ansible_os_family. But since ansible_os_family overlaps for Debian and Ubuntu, two when statements were used to split out these cases: - All arch derivations - Debian - Ubuntu New style is cleaner. Arch derivations can still be used by overiding ansible_distribution in inventory. * incorporate feedback: move pin file, other changed_when syntax --- .../etc/apt/preferences.d/limit-unstable | 3 ++ tasks/main.yml | 2 +- tasks/setup-debian.yml | 35 ++++++++++++------- tasks/setup-ubuntu.yml | 25 +++++++++++++ 4 files changed, 52 insertions(+), 13 deletions(-) create mode 100644 files/debian/etc/apt/preferences.d/limit-unstable create mode 100644 tasks/setup-ubuntu.yml diff --git a/files/debian/etc/apt/preferences.d/limit-unstable b/files/debian/etc/apt/preferences.d/limit-unstable new file mode 100644 index 0000000..3350f2c --- /dev/null +++ b/files/debian/etc/apt/preferences.d/limit-unstable @@ -0,0 +1,3 @@ +Package: * +Pin: release a=unstable +Pin-Priority: 90 diff --git a/tasks/main.yml b/tasks/main.yml index a143553..2ad482f 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -2,7 +2,7 @@ - name: Gather instance facts setup: -- include_tasks: "setup-{{ ansible_os_family|lower }}.yml" +- include_tasks: "setup-{{ ansible_distribution|lower }}.yml" - name: Install WireGuard package: diff --git a/tasks/setup-debian.yml b/tasks/setup-debian.yml index 28d6800..ea34428 100644 --- a/tasks/setup-debian.yml +++ b/tasks/setup-debian.yml @@ -1,26 +1,37 @@ --- -- name: Update APT package cache - apt: - update_cache: true - cache_valid_time: 3600 - when: ansible_distribution == "Ubuntu" +- name: Setup WireGuard preference + copy: + src: debian/etc/apt/preferences.d/limit-unstable + dest: /etc/apt/preferences.d/limit-unstable + owner: root + group: root + mode: 0644 tags: - wg-install -- name: Install required packages - package: - name: "{{ item }}" +- name: Add WireGuard key + apt_key: + keyserver: "keyserver.ubuntu.com" + id: "8B48AD6246925553" state: present - with_items: - - software-properties-common - - linux-headers-{{ ansible_kernel }} tags: - wg-install - name: Add WireGuard repository apt_repository: - repo: "ppa:wireguard/wireguard" + repo: "deb http://deb.debian.org/debian/ unstable main" state: present update_cache: yes tags: - wg-install + +- name: Get architecture + shell: dpkg --print-architecture + register: dpkg_arch + changed_when: False + +- name: Install kernel headers to compile wireguard with DKMS + apt: + name: + - "linux-headers-{{ dpkg_arch.stdout }}" + state: present diff --git a/tasks/setup-ubuntu.yml b/tasks/setup-ubuntu.yml new file mode 100644 index 0000000..c14591a --- /dev/null +++ b/tasks/setup-ubuntu.yml @@ -0,0 +1,25 @@ +--- +- name: Update APT package cache + apt: + update_cache: true + cache_valid_time: 3600 + tags: + - wg-install + +- name: Install required packages + package: + name: "{{ item }}" + state: present + with_items: + - software-properties-common + - linux-headers-{{ ansible_kernel }} + tags: + - wg-install + +- name: Add WireGuard repository + apt_repository: + repo: "ppa:wireguard/wireguard" + state: present + update_cache: yes + tags: + - wg-install