Ensure NGINX repo and install before apt update, so that it works
Ensure NGINX repo and install on nginx_hosts before apt update, so that the latest NGINX key is deployed and apt update won't fail on an invalid signature on these hosts. Also only run the gnupg install if gnupg isn't present in the nginx repo_setup.yaml to make that work.
This commit is contained in:
parent
fb4aabc772
commit
11bbf187c6
|
@ -1,3 +1,16 @@
|
|||
- name: Ensure NGINX repo and install on nginx_hosts
|
||||
hosts: nginx_hosts
|
||||
tasks:
|
||||
- name: make sure NGINX repos are setup
|
||||
ansible.builtin.include_role:
|
||||
name: nginx
|
||||
tasks_from: main/repo_setup
|
||||
|
||||
- name: make sure NGINX is installed
|
||||
ansible.builtin.include_role:
|
||||
name: nginx
|
||||
tasks_from: main/nginx_install
|
||||
|
||||
- name: Make Sure System Package Are Up-To-Date
|
||||
hosts: all
|
||||
roles:
|
||||
|
|
|
@ -1,9 +1,14 @@
|
|||
- name: gather package facts
|
||||
ansible.builtin.package_facts:
|
||||
manager: apt
|
||||
|
||||
- name: make sure `gnupg` package is installed
|
||||
ansible.builtin.apt:
|
||||
name: gnupg
|
||||
state: present
|
||||
update_cache: true
|
||||
become: true
|
||||
when: "'gnupg' not in ansible_facts.packages"
|
||||
|
||||
- name: make sure NGINX signing key is added
|
||||
ansible.builtin.get_url:
|
||||
|
|
Loading…
Reference in a new issue