From babda105c9cfdc0190d8b5bae36fe712743912f8 2015-08-16 22:38:56 From: Branko Majic Date: 2015-08-16 22:38:56 Subject: [PATCH] MAR-16: Added option to common role for setting-up caching proxy for apt. --- diff --git a/docs/rolereference.rst b/docs/rolereference.rst index 85974dd36b87f47a49e64d32c1e4ffde0063609e..8fb593525d6515ae58a4d122623cbe369a593535 100644 --- a/docs/rolereference.rst +++ b/docs/rolereference.rst @@ -197,6 +197,7 @@ hardening across all servers, no matter what services they provide. The role implements the following: +* Configures apt to use caching proxy (if any was specified). * Sets-up umask for all logins to ``0027``. * Installs sudo. * Installs additional base packages, as configured. @@ -220,6 +221,10 @@ The role implements the following: Parameters ~~~~~~~~~~ +**apt_proxy** (string, optional) + URI of a caching proxy that should be used when retrieving the packages via + apt. Default is no proxy. + **os_users** (list, optional) A list of operating system users that should be set-up on a server. Each item is a dictionary with the following options describing the user parameters: diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index c4afe605198021854406787580e398dbc197c255..5c08716f0dcad4317739488fb59cc1176753bb71 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -1,5 +1,14 @@ --- +- name: Enable use of proxy for retrieving system packages via apt + template: src="apt_proxy.j2" dest="/etc/apt/apt.conf.d/00proxy" + owner=root group=root mode=644 + when: apt_proxy is defined + +- name: Disable use of proxy for retrieving system packages via apt + file: path="/etc/apt/apt.conf.d/00proxy" state=absent + when: apt_proxy is undefined + - name: Deploy pam-auth-update configuration file for enabling pam_umask copy: src=pam_umask dest=/usr/share/pam-configs/umask mode=644 owner=root group=root notify: Update PAM configuration diff --git a/roles/common/templates/apt_proxy.j2 b/roles/common/templates/apt_proxy.j2 new file mode 100644 index 0000000000000000000000000000000000000000..2a1c4f52a130100a0dc6c2b94e9258db37bb757c --- /dev/null +++ b/roles/common/templates/apt_proxy.j2 @@ -0,0 +1 @@ +Acquire::http::Proxy "{{ apt_proxy }}";