diff --git a/CHANGELOG.md b/CHANGELOG.md index 89c0951..b6aea84 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,8 @@ SPDX-License-Identifier: GPL-3.0-or-later - **BREAKING** CentOS7: Introduce `wireguard_centos7_kernel_plus_reboot` and `wireguard_centos7_standard_reboot` variables. Both are set to "true" by default. This will cause the host to be rebooted in case the "wireguard" kernel module was installed the very first time. If `wireguard_centos7_installation_method: "kernel-plus"` is set and the host wasn't booted with a `kernel-plus` kernel already you most probably need to reboot. For the `standard` kernel this might not be needed. - CentOS7: Add reboot to the standard mode to make sure the WireGuard kernel module is available (contribution by @mofelee) +- **BREAKING** Introduce `wireguard_update_cache` variable to control if package manager caches should be updated before the installation (contribution by @sebix). Before this release the package manager cache wasn't updated for AlmaLinux 9, Archlinux, Fedora and openSUSE. With `wireguard_update_cache` set to `true` by default those OSes are now also update the package manager cache. If you don't want that set `wireguard_update_cache` to `false` for the host in question. +- variable `wireguard_ubuntu_update_cache` is deprecated ## 13.0.1 diff --git a/README.md b/README.md index 12604cc..fd5315d 100644 --- a/README.md +++ b/README.md @@ -137,6 +137,10 @@ wireguard_interface_restart: false # course a very sensitive value you might consider a tool like Ansible Vault # to store it encrypted. # wireguard_private_key: + +# Set to "false" if package cache should not be updated (only relevant if +# the package manager in question supports this option) +wireguard_update_cache: "true" ``` There are also a few Linux distribution specific settings: @@ -148,8 +152,9 @@ There are also a few Linux distribution specific settings: # - elementary OS ####################################### -# Set to "false" if package cache should not be updated -wireguard_ubuntu_update_cache: "true" +# DEPRECATED: Please use "wireguard_update_cache" instead. +# Set to "false" if package cache should not be updated. +wireguard_ubuntu_update_cache: "{{ wireguard_update_cache }}" # Set package cache valid time wireguard_ubuntu_cache_valid_time: "3600" diff --git a/defaults/main.yml b/defaults/main.yml index 4cf5060..0e24d37 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -67,14 +67,19 @@ wireguard_interface_restart: false # If not set, a new one is generated on a blank configuration. # wireguard_private_key: +# Set to "false" if package cache should not be updated (only relevant if +# the package manager in question supports this option) +wireguard_update_cache: "true" + ####################################### # Settings only relevant for: # - Ubuntu # - elementary OS ####################################### -# Set to "false" if package cache should not be updated -wireguard_ubuntu_update_cache: "true" +# DEPRECATED: Please use "wireguard_update_cache" instead. +# Set to "false" if package cache should not be updated. +wireguard_ubuntu_update_cache: "{{ wireguard_update_cache }}" # Set package cache valid time wireguard_ubuntu_cache_valid_time: "3600" diff --git a/molecule/kvm/prepare.yml b/molecule/kvm/prepare.yml index d85fd55..bd3c101 100644 --- a/molecule/kvm/prepare.yml +++ b/molecule/kvm/prepare.yml @@ -1,5 +1,5 @@ --- -# Copyright (C) 2021-2022 Robert Wimmer +# Copyright (C) 2021-2023 Robert Wimmer # SPDX-License-Identifier: GPL-3.0-or-later - hosts: opensuse @@ -26,6 +26,9 @@ changed_when: false failed_when: false + - name: Updating pacman cache + raw: pacman -Sy + - name: Install Python ansible.builtin.raw: | pacman -S --noconfirm python diff --git a/tasks/setup-almalinux-8.yml b/tasks/setup-almalinux-8.yml index 42a3a45..7e3f896 100644 --- a/tasks/setup-almalinux-8.yml +++ b/tasks/setup-almalinux-8.yml @@ -7,7 +7,7 @@ name: - epel-release - elrepo-release - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (AlmaLinux 8) Ensure WireGuard DKMS package is removed ansible.builtin.yum: diff --git a/tasks/setup-almalinux.yml b/tasks/setup-almalinux.yml index 0dcc688..2463081 100644 --- a/tasks/setup-almalinux.yml +++ b/tasks/setup-almalinux.yml @@ -6,3 +6,4 @@ ansible.builtin.yum: name: wireguard-tools state: present + update_cache: "{{ wireguard_update_cache }}" diff --git a/tasks/setup-archlinux.yml b/tasks/setup-archlinux.yml index 47021b2..999cc1f 100644 --- a/tasks/setup-archlinux.yml +++ b/tasks/setup-archlinux.yml @@ -2,6 +2,10 @@ # Copyright (C) 2018-2022 Robert Wimmer # SPDX-License-Identifier: GPL-3.0-or-later +- name: (Archlinux) Refresh the master package lists + community.general.pacman: + update_cache: "{{ wireguard_update_cache }}" + - name: (Archlinux) Install wireguard-tools package community.general.pacman: name: wireguard-tools diff --git a/tasks/setup-centos-7.yml b/tasks/setup-centos-7.yml index 3f49b82..d06bc2e 100644 --- a/tasks/setup-centos-7.yml +++ b/tasks/setup-centos-7.yml @@ -11,12 +11,12 @@ name: - epel-release - https://www.elrepo.org/elrepo-release-7.el7.elrepo.noarch.rpm - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (CentOS 7) Install yum-plugin-elrepo ansible.builtin.yum: name: yum-plugin-elrepo - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (CentOS 7) Install WireGuard packages ansible.builtin.yum: @@ -48,7 +48,7 @@ name: - epel-release - yum-utils - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (CentOS 7 - kernel-plus) Enable CentosPlus repo ansible.builtin.command: yum-config-manager --setopt=centosplus.includepkgs=kernel-plus --enablerepo=centosplus --save diff --git a/tasks/setup-debian-pve-guest-variant.yml b/tasks/setup-debian-pve-guest-variant.yml index c31d210..6eaa508 100644 --- a/tasks/setup-debian-pve-guest-variant.yml +++ b/tasks/setup-debian-pve-guest-variant.yml @@ -6,7 +6,7 @@ ansible.builtin.apt_repository: repo: "deb http://deb.debian.org/debian buster-backports main" state: "{{ 'present' if (ansible_distribution_version | int <= 10) else 'absent' }}" - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (Proxmox lxc) Install wireguard-tools. ansible.builtin.apt: diff --git a/tasks/setup-debian-pve-host-variant.yml b/tasks/setup-debian-pve-host-variant.yml index a9638de..c41505e 100644 --- a/tasks/setup-debian-pve-host-variant.yml +++ b/tasks/setup-debian-pve-host-variant.yml @@ -8,7 +8,7 @@ ansible.builtin.apt_repository: repo: "deb http://deb.debian.org/debian buster-backports main" state: "{{ 'present' if (ansible_distribution_version | int <= 10) else 'absent' }}" - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (Proxmox) Install kernel headers for the currently running kernel to compile WireGuard with DKMS ansible.builtin.apt: diff --git a/tasks/setup-debian-raspbian-buster.yml b/tasks/setup-debian-raspbian-buster.yml index a8421f1..b609809 100644 --- a/tasks/setup-debian-raspbian-buster.yml +++ b/tasks/setup-debian-raspbian-buster.yml @@ -27,7 +27,7 @@ ansible.builtin.apt_repository: repo: "deb http://deb.debian.org/debian buster-backports main" state: present - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (Raspbian) Install latest kernel ansible.builtin.apt: diff --git a/tasks/setup-debian-vanilla.yml b/tasks/setup-debian-vanilla.yml index 242ddf8..664827a 100644 --- a/tasks/setup-debian-vanilla.yml +++ b/tasks/setup-debian-vanilla.yml @@ -8,3 +8,4 @@ name: - "wireguard" state: present + update_cache: "{{ wireguard_update_cache }}" diff --git a/tasks/setup-fedora.yml b/tasks/setup-fedora.yml index 38da4c1..c793007 100644 --- a/tasks/setup-fedora.yml +++ b/tasks/setup-fedora.yml @@ -1,5 +1,6 @@ --- # Copyright (C) 2020 Ties de Kock +# Copyright (C) 2023 Robert Wimmer # SPDX-License-Identifier: GPL-3.0-or-later - name: (Fedora) Install WireGuard packages @@ -7,3 +8,4 @@ name: - "wireguard-tools" state: present + update_cache: "{{ wireguard_update_cache }}" diff --git a/tasks/setup-opensuse leap.yml b/tasks/setup-opensuse leap.yml index 4198f9b..054ced1 100644 --- a/tasks/setup-opensuse leap.yml +++ b/tasks/setup-opensuse leap.yml @@ -7,3 +7,4 @@ name: - "wireguard-tools" state: present + update_cache: "{{ wireguard_update_cache }}" diff --git a/tasks/setup-rocky-8.yml b/tasks/setup-rocky-8.yml index f40a255..0210167 100644 --- a/tasks/setup-rocky-8.yml +++ b/tasks/setup-rocky-8.yml @@ -11,7 +11,7 @@ name: - epel-release - elrepo-release - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (Rocky Linux 8) Ensure WireGuard DKMS package is removed ansible.builtin.yum: @@ -40,7 +40,7 @@ ansible.builtin.yum: name: - epel-release - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (Rocky Linux 8) Ensure WireGuard KMOD package is removed ansible.builtin.yum: diff --git a/tasks/setup-rocky.yml b/tasks/setup-rocky.yml index 3743dbc..a26d1de 100644 --- a/tasks/setup-rocky.yml +++ b/tasks/setup-rocky.yml @@ -6,3 +6,4 @@ ansible.builtin.yum: name: wireguard-tools state: present + update_cache: "{{ wireguard_update_cache }}"