Build Windows Templates in RHV

roles/systemli.apt_repositories/tasks/key_path.yml

@@ -0,0 +1,31 @@
+---
+
+- name: Copy key to remote machine
+  copy:
+    src: "{{ _config.key_path }}"
+    dest: /tmp/{{ _name }}.gpg
+    owner: root
+    group: root
+    mode: 0644
+  check_mode: false
+  changed_when: false
+
+- name: Find out whether {{ _config.key_path }} is armored
+  stat:
+    path: /tmp/{{ _name }}.gpg
+  register: _file
+
+- name: Add armored key for {{ _name }} by path
+  apt_key:
+    file: /tmp/{{ _name }}.gpg
+    keyring: /usr/share/keyrings/{{ _name }}.gpg
+  when: "'ascii' in _file.stat.charset"
+
+- name: Add binary key for {{ _name }} by path
+  copy:
+    src: "{{ _config.key_path }}"
+    dest: /usr/share/keyrings/{{ _name }}.gpg
+    owner: root
+    group: root
+    mode: 0644
+  when: _file.stat.charset == 'binary'

roles/systemli.apt_repositories/tasks/main.yml

@@ -0,0 +1,30 @@
+---
+
+- name: Remove old repositories
+  file:
+    path: "/etc/apt/sources.list.d/{{ item }}"
+    state: absent
+  with_items: "{{ apt_repositories_absent }}"
+
+- name: Update cache
+  apt:
+    update_cache: true
+  changed_when: false
+
+- name: Install dependecies
+  apt:
+    pkg: "{{ apt_repositories_dependencies }}"
+
+- name: Ensure we can transport via https
+  apt:
+    pkg: apt-transport-https
+  when: ((ansible_distribution == 'Debian' and ansible_distribution_major_version|int < 10) or
+        (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version|int < 18))
+
+- include_tasks: repo.yml
+  loop: "{{ apt_repositories }}"
+
+- name: Update cache
+  apt:
+    update_cache: true
+  changed_when: false

roles/systemli.apt_repositories/tasks/repo.yml

@@ -0,0 +1,83 @@
+---
+
+- name: Clear preset
+  include_vars: null.yml
+
+- name: Read in preset
+  include_vars:
+    file: "{{ item.preset }}.yml"
+    name: _preset
+  when: item.preset is defined
+
+# - debug:
+#     var: _preset
+
+- name: combine preset with given config
+  set_fact:
+    _config: "{{ _preset|default({})|combine(item) }}"
+
+# - debug:
+#     var: _config
+
+- name: ensure we have a repo name 1
+  set_fact:
+    _name: "{{ _config.name }}"
+  when: _config.name is defined and _config.name
+
+- name: ensure we have a repo name 2
+  set_fact:
+    _name: "{{ _config.url|urlsplit('hostname') }}"
+  when: _config.name is undefined or not _config.name
+
+- name: Add key for {{ _name }} by content
+  apt_key:
+    data: "{{ _config.key }}"
+    keyring: /usr/share/keyrings/{{ _name }}.gpg
+  when: _config.key is defined and _config.key
+
+- import_tasks: key_path.yml
+  when: _config.key is undefined or not _config.key
+
+- name: Register final keyring stats
+  stat:
+    path: /usr/share/keyrings/{{ _name }}.gpg
+  register: _f
+
+# - debug:
+#     var: _f
+
+- name: Ensure we have binary key
+  assert:
+    that:
+      - _f.stat.exists
+      - _f.stat.charset == 'binary'
+  when: not ansible_check_mode
+
+- name: Add repository {{ _name }}
+  template:
+    src: repo.sources.j2
+    dest: /etc/apt/sources.list.d/{{ _name }}.sources
+    owner: root
+    group: root
+    mode: 0644
+  when: _config.style is undefined or _config.style == "deb822"
+
+- name: Add repository {{ _name }} in single line style
+  template:
+    src: repo.list.j2
+    dest: /etc/apt/sources.list.d/{{ _name }}.list
+    owner: root
+    group: root
+    mode: 0644
+  when: _config.style is defined and _config.style == "line"
+
+# apt currently only support meaningful pinning by hostname
+# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858406
+
+- name: Add pinning preferences for {{ _name }}
+  template:
+    src: pref.j2
+    dest: /etc/apt/preferences.d/{{ _name }}.pref
+    owner: root
+    group: root
+    mode: 0644