From 314fec524804d86d3512c131137335cdd3e17f42 Mon Sep 17 00:00:00 2001 From: Sebastian Wagner Date: Wed, 22 Feb 2023 19:38:56 +0100 Subject: [PATCH 1/9] option wireguard_update_cache to disable refresh previously disable the cache update was only possible on ubuntu using the generic name wireguard_update_cache it can be enabled for all operating systems --- CHANGELOG.md | 4 ++++ README.md | 8 ++++++-- defaults/main.yml | 4 +++- tasks/setup-almalinux-8.yml | 2 +- tasks/setup-centos-7.yml | 6 +++--- tasks/setup-debian-pve-guest-variant.yml | 2 +- tasks/setup-debian-pve-host-variant.yml | 2 +- tasks/setup-debian-raspbian-buster.yml | 2 +- tasks/setup-debian-vanilla.yml | 1 + tasks/setup-rocky-8.yml | 4 ++-- 10 files changed, 23 insertions(+), 12 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e038942..7fe0284 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,10 @@ SPDX-License-Identifier: GPL-3.0-or-later # Changelog +## 13.1.0 +- new variable `wireguard_update_cache` to control if package manager caches should be updated before the installation (https://github.com/githubixx/ansible-role-wireguard/pull/179) + - variable `wireguard_ubuntu_update_cache` is deprecated and will be removed in the next release + ## 13.0.1 - [fix](https://github.com/githubixx/ansible-role-wireguard/pull/182) in README diff --git a/README.md b/README.md index 21d50f9..7a1fbe6 100644 --- a/README.md +++ b/README.md @@ -137,6 +137,9 @@ wireguard_interface_restart: false # course a very sensitive value you might consider a tool like Ansible Vault # to store it encrypted. # wireguard_private_key: + +# Set to "false" if package cache should not be updated +wireguard_update_cache: "true" ``` There are also a few Linux distribution specific settings: @@ -148,8 +151,9 @@ There are also a few Linux distribution specific settings: # - elementary OS ####################################### -# Set to "false" if package cache should not be updated -wireguard_ubuntu_update_cache: "true" +# Set to "false" if package cache should not be updated. +# DEPRECATED: This variable will be removed with the next major release. Please use "wireguard_update_cache" instead. +wireguard_ubuntu_update_cache: "{{ wireguard_update_cache }}" # Set package cache valid time wireguard_ubuntu_cache_valid_time: "3600" diff --git a/defaults/main.yml b/defaults/main.yml index 2a7666d..e4a797d 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -74,7 +74,9 @@ wireguard_interface_restart: false ####################################### # Set to "false" if package cache should not be updated -wireguard_ubuntu_update_cache: "true" +wireguard_update_cache: "true" +# DEPRECATED: This variable will be removed with the next major release. Please use "wireguard_update_cache" instead. +wireguard_ubuntu_update_cache: "{{ wireguard_update_cache }}" # Set package cache valid time wireguard_ubuntu_cache_valid_time: "3600" diff --git a/tasks/setup-almalinux-8.yml b/tasks/setup-almalinux-8.yml index 42a3a45..7e3f896 100644 --- a/tasks/setup-almalinux-8.yml +++ b/tasks/setup-almalinux-8.yml @@ -7,7 +7,7 @@ name: - epel-release - elrepo-release - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (AlmaLinux 8) Ensure WireGuard DKMS package is removed ansible.builtin.yum: diff --git a/tasks/setup-centos-7.yml b/tasks/setup-centos-7.yml index 11b2f42..5d52fa3 100644 --- a/tasks/setup-centos-7.yml +++ b/tasks/setup-centos-7.yml @@ -11,12 +11,12 @@ name: - epel-release - https://www.elrepo.org/elrepo-release-7.el7.elrepo.noarch.rpm - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (CentOS 7) Install yum-plugin-elrepo ansible.builtin.yum: name: yum-plugin-elrepo - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (CentOS 7) Install WireGuard packages ansible.builtin.yum: @@ -40,7 +40,7 @@ name: - epel-release - yum-utils - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (CentOS 7) Enable CentosPlus repo ansible.builtin.command: yum-config-manager --setopt=centosplus.includepkgs=kernel-plus --enablerepo=centosplus --save diff --git a/tasks/setup-debian-pve-guest-variant.yml b/tasks/setup-debian-pve-guest-variant.yml index c31d210..6eaa508 100644 --- a/tasks/setup-debian-pve-guest-variant.yml +++ b/tasks/setup-debian-pve-guest-variant.yml @@ -6,7 +6,7 @@ ansible.builtin.apt_repository: repo: "deb http://deb.debian.org/debian buster-backports main" state: "{{ 'present' if (ansible_distribution_version | int <= 10) else 'absent' }}" - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (Proxmox lxc) Install wireguard-tools. ansible.builtin.apt: diff --git a/tasks/setup-debian-pve-host-variant.yml b/tasks/setup-debian-pve-host-variant.yml index a9638de..c41505e 100644 --- a/tasks/setup-debian-pve-host-variant.yml +++ b/tasks/setup-debian-pve-host-variant.yml @@ -8,7 +8,7 @@ ansible.builtin.apt_repository: repo: "deb http://deb.debian.org/debian buster-backports main" state: "{{ 'present' if (ansible_distribution_version | int <= 10) else 'absent' }}" - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (Proxmox) Install kernel headers for the currently running kernel to compile WireGuard with DKMS ansible.builtin.apt: diff --git a/tasks/setup-debian-raspbian-buster.yml b/tasks/setup-debian-raspbian-buster.yml index a8421f1..b609809 100644 --- a/tasks/setup-debian-raspbian-buster.yml +++ b/tasks/setup-debian-raspbian-buster.yml @@ -27,7 +27,7 @@ ansible.builtin.apt_repository: repo: "deb http://deb.debian.org/debian buster-backports main" state: present - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (Raspbian) Install latest kernel ansible.builtin.apt: diff --git a/tasks/setup-debian-vanilla.yml b/tasks/setup-debian-vanilla.yml index 242ddf8..664827a 100644 --- a/tasks/setup-debian-vanilla.yml +++ b/tasks/setup-debian-vanilla.yml @@ -8,3 +8,4 @@ name: - "wireguard" state: present + update_cache: "{{ wireguard_update_cache }}" diff --git a/tasks/setup-rocky-8.yml b/tasks/setup-rocky-8.yml index f40a255..0210167 100644 --- a/tasks/setup-rocky-8.yml +++ b/tasks/setup-rocky-8.yml @@ -11,7 +11,7 @@ name: - epel-release - elrepo-release - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (Rocky Linux 8) Ensure WireGuard DKMS package is removed ansible.builtin.yum: @@ -40,7 +40,7 @@ ansible.builtin.yum: name: - epel-release - update_cache: true + update_cache: "{{ wireguard_update_cache }}" - name: (Rocky Linux 8) Ensure WireGuard KMOD package is removed ansible.builtin.yum: From 7fbb316965b9eb3812b201c115ca0de75db25875 Mon Sep 17 00:00:00 2001 From: githubixx <2039811+githubixx@users.noreply.github.com> Date: Sat, 25 Mar 2023 19:56:37 +0100 Subject: [PATCH 2/9] Rocky Linux 9: update package manager cache by default --- tasks/setup-rocky.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/tasks/setup-rocky.yml b/tasks/setup-rocky.yml index 3743dbc..a26d1de 100644 --- a/tasks/setup-rocky.yml +++ b/tasks/setup-rocky.yml @@ -6,3 +6,4 @@ ansible.builtin.yum: name: wireguard-tools state: present + update_cache: "{{ wireguard_update_cache }}" From ada56ca65b7c506b56244811950faf041cfc5915 Mon Sep 17 00:00:00 2001 From: githubixx <2039811+githubixx@users.noreply.github.com> Date: Sat, 25 Mar 2023 19:57:05 +0100 Subject: [PATCH 3/9] Fedora: update package manager cache by default --- tasks/setup-fedora.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tasks/setup-fedora.yml b/tasks/setup-fedora.yml index 38da4c1..c793007 100644 --- a/tasks/setup-fedora.yml +++ b/tasks/setup-fedora.yml @@ -1,5 +1,6 @@ --- # Copyright (C) 2020 Ties de Kock +# Copyright (C) 2023 Robert Wimmer # SPDX-License-Identifier: GPL-3.0-or-later - name: (Fedora) Install WireGuard packages @@ -7,3 +8,4 @@ name: - "wireguard-tools" state: present + update_cache: "{{ wireguard_update_cache }}" From dabf45c78b5c722170a367926b31d95c39b5b1e8 Mon Sep 17 00:00:00 2001 From: githubixx <2039811+githubixx@users.noreply.github.com> Date: Sat, 25 Mar 2023 19:57:22 +0100 Subject: [PATCH 4/9] Archlinux: update package manager cache by default --- tasks/setup-archlinux.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tasks/setup-archlinux.yml b/tasks/setup-archlinux.yml index 47021b2..999cc1f 100644 --- a/tasks/setup-archlinux.yml +++ b/tasks/setup-archlinux.yml @@ -2,6 +2,10 @@ # Copyright (C) 2018-2022 Robert Wimmer # SPDX-License-Identifier: GPL-3.0-or-later +- name: (Archlinux) Refresh the master package lists + community.general.pacman: + update_cache: "{{ wireguard_update_cache }}" + - name: (Archlinux) Install wireguard-tools package community.general.pacman: name: wireguard-tools From 4d511954622efee40477251117e442665e675cc7 Mon Sep 17 00:00:00 2001 From: githubixx <2039811+githubixx@users.noreply.github.com> Date: Sat, 25 Mar 2023 19:57:49 +0100 Subject: [PATCH 5/9] openSUSE: update package manager cache by default --- tasks/setup-opensuse leap.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/tasks/setup-opensuse leap.yml b/tasks/setup-opensuse leap.yml index 4198f9b..054ced1 100644 --- a/tasks/setup-opensuse leap.yml +++ b/tasks/setup-opensuse leap.yml @@ -7,3 +7,4 @@ name: - "wireguard-tools" state: present + update_cache: "{{ wireguard_update_cache }}" From 053f187100afcc0c54afbb9971f2b731e23b89b4 Mon Sep 17 00:00:00 2001 From: githubixx <2039811+githubixx@users.noreply.github.com> Date: Sat, 25 Mar 2023 19:58:19 +0100 Subject: [PATCH 6/9] AlmaLinux 9: update package manager cache by default --- tasks/setup-almalinux.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/tasks/setup-almalinux.yml b/tasks/setup-almalinux.yml index 0dcc688..2463081 100644 --- a/tasks/setup-almalinux.yml +++ b/tasks/setup-almalinux.yml @@ -6,3 +6,4 @@ ansible.builtin.yum: name: wireguard-tools state: present + update_cache: "{{ wireguard_update_cache }}" From e621ba4b9fde70662cb648287b79774b2f560a27 Mon Sep 17 00:00:00 2001 From: githubixx <2039811+githubixx@users.noreply.github.com> Date: Sat, 25 Mar 2023 19:58:54 +0100 Subject: [PATCH 7/9] molecule/kvm/prepare.yml: fix Archlinux preperation --- molecule/kvm/prepare.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/molecule/kvm/prepare.yml b/molecule/kvm/prepare.yml index d85fd55..bd3c101 100644 --- a/molecule/kvm/prepare.yml +++ b/molecule/kvm/prepare.yml @@ -1,5 +1,5 @@ --- -# Copyright (C) 2021-2022 Robert Wimmer +# Copyright (C) 2021-2023 Robert Wimmer # SPDX-License-Identifier: GPL-3.0-or-later - hosts: opensuse @@ -26,6 +26,9 @@ changed_when: false failed_when: false + - name: Updating pacman cache + raw: pacman -Sy + - name: Install Python ansible.builtin.raw: | pacman -S --noconfirm python From 65b75674144a3b18a3cf50fb9ab64059846edcba Mon Sep 17 00:00:00 2001 From: githubixx <2039811+githubixx@users.noreply.github.com> Date: Sat, 25 Mar 2023 20:05:18 +0100 Subject: [PATCH 8/9] update README and defaults/main.yml --- README.md | 5 +++-- defaults/main.yml | 9 ++++++--- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 616c48f..fd5315d 100644 --- a/README.md +++ b/README.md @@ -138,7 +138,8 @@ wireguard_interface_restart: false # to store it encrypted. # wireguard_private_key: -# Set to "false" if package cache should not be updated +# Set to "false" if package cache should not be updated (only relevant if +# the package manager in question supports this option) wireguard_update_cache: "true" ``` @@ -151,8 +152,8 @@ There are also a few Linux distribution specific settings: # - elementary OS ####################################### +# DEPRECATED: Please use "wireguard_update_cache" instead. # Set to "false" if package cache should not be updated. -# DEPRECATED: This variable will be removed with the next major release. Please use "wireguard_update_cache" instead. wireguard_ubuntu_update_cache: "{{ wireguard_update_cache }}" # Set package cache valid time diff --git a/defaults/main.yml b/defaults/main.yml index 5d7ce01..0e24d37 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -67,15 +67,18 @@ wireguard_interface_restart: false # If not set, a new one is generated on a blank configuration. # wireguard_private_key: +# Set to "false" if package cache should not be updated (only relevant if +# the package manager in question supports this option) +wireguard_update_cache: "true" + ####################################### # Settings only relevant for: # - Ubuntu # - elementary OS ####################################### -# Set to "false" if package cache should not be updated -wireguard_update_cache: "true" -# DEPRECATED: This variable will be removed with the next major release. Please use "wireguard_update_cache" instead. +# DEPRECATED: Please use "wireguard_update_cache" instead. +# Set to "false" if package cache should not be updated. wireguard_ubuntu_update_cache: "{{ wireguard_update_cache }}" # Set package cache valid time From 4e6c2656633ba886246acdff10c8ae433ae525a8 Mon Sep 17 00:00:00 2001 From: githubixx <2039811+githubixx@users.noreply.github.com> Date: Sat, 25 Mar 2023 20:10:01 +0100 Subject: [PATCH 9/9] update CHANGELOG --- CHANGELOG.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1d7a825..b6aea84 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,8 +9,8 @@ SPDX-License-Identifier: GPL-3.0-or-later - **BREAKING** CentOS7: Introduce `wireguard_centos7_kernel_plus_reboot` and `wireguard_centos7_standard_reboot` variables. Both are set to "true" by default. This will cause the host to be rebooted in case the "wireguard" kernel module was installed the very first time. If `wireguard_centos7_installation_method: "kernel-plus"` is set and the host wasn't booted with a `kernel-plus` kernel already you most probably need to reboot. For the `standard` kernel this might not be needed. - CentOS7: Add reboot to the standard mode to make sure the WireGuard kernel module is available (contribution by @mofelee) -- introduce `wireguard_update_cache` variable to control if package manager caches should be updated before the installation (contribution by @sebix) -- variable `wireguard_ubuntu_update_cache` is deprecated and will be removed in the next release +- **BREAKING** Introduce `wireguard_update_cache` variable to control if package manager caches should be updated before the installation (contribution by @sebix). Before this release the package manager cache wasn't updated for AlmaLinux 9, Archlinux, Fedora and openSUSE. With `wireguard_update_cache` set to `true` by default those OSes are now also update the package manager cache. If you don't want that set `wireguard_update_cache` to `false` for the host in question. +- variable `wireguard_ubuntu_update_cache` is deprecated ## 13.0.1