Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • v2.27.0
  • v2.25.1
  • v2.24.3
  • v2.26.0
  • v2.24.2
  • v2.25.0
  • v2.24.1
  • v2.22.2
  • v2.23.3
  • v2.24.0
  • v2.23.2
  • v2.23.1
  • v2.23.0
  • v2.22.1
  • v2.22.0
  • v2.21.0
  • v2.20.0
  • v2.19.1
  • v2.18.2
  • v2.19.0
21 results
Blame Permalink
  • Terry's avatar
    f72063e7
    Remove DNSSEC config management in bootstrap-debian.yml (#7408) · f72063e7
    Terry authored 
    DNSSEC is off by default on ubuntu/bionic64 (18.04) as per resolved.conf(5).
These tasks are artefacts of obsolete infra configuration, and no longer needed.

Further removing these tasks resolves the issue that the tasks always reports
'changed' and bounces systemd-resolved unneccesarily, even if there was no
actual modification of /etc/systemd/resolved.conf.
    Unverified
    f72063e7
    History
    Remove DNSSEC config management in bootstrap-debian.yml (#7408)
    Terry authored 
    DNSSEC is off by default on ubuntu/bionic64 (18.04) as per resolved.conf(5).
These tasks are artefacts of obsolete infra configuration, and no longer needed.

Further removing these tasks resolves the issue that the tasks always reports
'changed' and bounces systemd-resolved unneccesarily, even if there was no
actual modification of /etc/systemd/resolved.conf.
bootstrap-debian.yml 1.78 KiB 
---
# Some Debian based distros ship without Python installed

- name: Check if bootstrap is needed
  raw: which python3
  register: need_bootstrap
  failed_when: false
  changed_when: false
  # This command should always run, even in check mode
  check_mode: false
  tags:
    - facts

- name: Check http::proxy in apt configuration files
  raw: apt-config dump | grep -qsi 'Acquire::http::proxy'
  register: need_http_proxy
  failed_when: false
  changed_when: false
  # This command should always run, even in check mode
  check_mode: false

- name: Add http_proxy to /etc/apt/apt.conf if http_proxy is defined
  raw: echo 'Acquire::http::proxy "{{ http_proxy }}";' >> /etc/apt/apt.conf
  become: true
  when:
    - http_proxy is defined
    - need_http_proxy.rc != 0
    - not skip_http_proxy_on_os_packages

- name: Check https::proxy in apt configuration files
  raw: apt-config dump | grep -qsi 'Acquire::https::proxy'
  register: need_https_proxy
  failed_when: false
  changed_when: false
  # This command should always run, even in check mode
  check_mode: false

- name: Add https_proxy to /etc/apt/apt.conf if https_proxy is defined
  raw: echo 'Acquire::https::proxy "{{ https_proxy }}";' >> /etc/apt/apt.conf
  become: true
  when:
    - https_proxy is defined
    - need_https_proxy.rc != 0
    - not skip_http_proxy_on_os_packages

- name: Install python3
  raw:
    apt-get update && \
    DEBIAN_FRONTEND=noninteractive apt-get install -y python3-minimal
  become: true
  when:
    - need_bootstrap.rc != 0

- name: Set the ansible_python_interpreter fact
  set_fact:
    ansible_python_interpreter: "/usr/bin/python3"

# Workaround for https://github.com/ansible/ansible/issues/25543
- name: Install dbus for the hostname module
  package:
    name: dbus
    state: present
    use: apt
  become: true