From 73881250086494a5ba26150970f67845db0eb1b3 Mon Sep 17 00:00:00 2001
From: Yohann D'ANELLO <ynerant@crans.org>
Date: Wed, 7 Apr 2021 23:53:30 +0200
Subject: [PATCH] [apt] Configure APT sources

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
---
 base.yml                                      |  5 ++++
 group_vars/debian.yml                         |  4 +++
 group_vars/virtu.yml                          |  8 ++++++
 hosts                                         | 18 ++++++++-----
 roles/apt/tasks/main.yml                      | 27 +++++++++++++++++++
 .../apt/sources.list.d/sources.list.j2        |  8 ++++++
 roles/apt/templates/apt/sources.list.j2       | 18 +++++++++++++
 7 files changed, 81 insertions(+), 7 deletions(-)
 create mode 100644 group_vars/debian.yml
 create mode 100644 group_vars/virtu.yml
 create mode 100644 roles/apt/tasks/main.yml
 create mode 100644 roles/apt/templates/apt/sources.list.d/sources.list.j2
 create mode 100644 roles/apt/templates/apt/sources.list.j2

diff --git a/base.yml b/base.yml
index 0c4f71b..c78a0af 100755
--- a/base.yml
+++ b/base.yml
@@ -1,5 +1,10 @@
 #!/usr/bin/env ansible-playbook
 ---
+- hosts: debian
+  vars:
+    apt: "{{ glob_apt | default({}) | combine(service_apt | default({})) | combine(loc_apt | default({})) }}"
+  roles:
+    - apt
 
 - hosts: all
   roles:
diff --git a/group_vars/debian.yml b/group_vars/debian.yml
new file mode 100644
index 0000000..2feb4f1
--- /dev/null
+++ b/group_vars/debian.yml
@@ -0,0 +1,4 @@
+---
+glob_apt:
+  mirror: "http://mirror.crans.org/"
+  extra_repositories: []
diff --git a/group_vars/virtu.yml b/group_vars/virtu.yml
new file mode 100644
index 0000000..015d4d4
--- /dev/null
+++ b/group_vars/virtu.yml
@@ -0,0 +1,8 @@
+---
+service_apt:
+  extra_repositories:
+    - name: pve-entreprise
+      repositories:
+        - url: "{{ glob_apt.mirror }}proxmox/debian/pve"
+          version: "{{ ansible_distribution_release }}"
+          tags: "pve-no-subscription"
diff --git a/hosts b/hosts
index 1b7eb53..9057abe 100644
--- a/hosts
+++ b/hosts
@@ -1,16 +1,20 @@
-[server]
-templier.adh.crans.org
-dt.adh.crans.org
+[archlinux:children]
+perso
+
+[debian:children]
+server
 
 [perso]
 ynerant-pc.fil.sand.auro.re
 ynerant-thinkpad.wifi.sand.auro.re
 localhost
 
-[crans]
-odlyd.crans.org
-tealc.crans.org
-zamok.crans.org
+[server]
+templier.adh.crans.org
+dt.adh.crans.org
+
+[virtu]
+dt.adh.crans.org
 
 [all:vars]
 # Force remote to use Python 3
diff --git a/roles/apt/tasks/main.yml b/roles/apt/tasks/main.yml
new file mode 100644
index 0000000..656b865
--- /dev/null
+++ b/roles/apt/tasks/main.yml
@@ -0,0 +1,27 @@
+---
+- name: Add mirror.crans.org in /etc/hosts
+  lineinfile:
+    state: present
+    path: /etc/hosts
+    regex: "^{{ item }}"
+    line: "{{ item }} mirror.crans.org charybde.crans.org mirror"
+  loop:
+    - "185.230.79.30"
+    - "2a0c:700:2:0:ea39:35ff:fef0:48c9"
+
+- name: Configure Debian repositories
+  template:
+    src: apt/sources.list.j2
+    dest: /etc/apt/sources.list
+    owner: root
+    group: root
+    mode: 0644
+
+- name: Connfigure extra repositories
+  template:
+    src: apt/sources.list.d/sources.list.j2
+    dest: "/etc/apt/sources.list.d/{{ item.name }}.list"
+    owner: root
+    group: root
+    mode: 0644
+  loop: "{{ apt.extra_repositories }}"
diff --git a/roles/apt/templates/apt/sources.list.d/sources.list.j2 b/roles/apt/templates/apt/sources.list.d/sources.list.j2
new file mode 100644
index 0000000..64e479b
--- /dev/null
+++ b/roles/apt/templates/apt/sources.list.d/sources.list.j2
@@ -0,0 +1,8 @@
+{{ ansible_header | comment }}
+
+{% for repo in item.repositories -%}
+deb {{ repo.url }} {{ repo.version }} {{ repo.tags }}
+{% if repo.src is defined and repo.src -%}
+deb-src {{ repo.url }} {{ repo.version }} {{ repo.tags }}
+{% endif -%}
+{% endfor -%}
diff --git a/roles/apt/templates/apt/sources.list.j2 b/roles/apt/templates/apt/sources.list.j2
new file mode 100644
index 0000000..c07dc96
--- /dev/null
+++ b/roles/apt/templates/apt/sources.list.j2
@@ -0,0 +1,18 @@
+{{ ansible_header | comment }}
+
+{% if ansible_distribution_release != "bullseye" %}
+{# Debian security does not exist yet for bullseye #}
+# Mises à jour de sécurité
+deb     {{ apt.mirror }}debian-security {{ ansible_distribution_release }}/updates main contrib non-free
+
+{% endif %}
+# Dépôt classique
+deb     {{ apt.mirror }}debian {{ ansible_distribution_release }} main contrib non-free
+
+# Dépôt pour mises à jour fréquentes (volatile)
+deb     {{ apt.mirror }}debian {{ ansible_distribution_release }}-updates main contrib non-free
+
+{% if backports | default(false) %}
+# Backports
+deb     {{ apt.mirror }}debian {{ ansible_distribution_release }}-backports main contrib non-free
+{% endif %}