diff --git a/roles/custom/matrix_playbook_migration/defaults/main.yml b/roles/custom/matrix_playbook_migration/defaults/main.yml index 0c797cb10..b8b13a9e0 100644 --- a/roles/custom/matrix_playbook_migration/defaults/main.yml +++ b/roles/custom/matrix_playbook_migration/defaults/main.yml @@ -43,6 +43,16 @@ matrix_playbook_migration_matrix_jitsi_migration_validation_enabled: true matrix_playbook_migration_debian_signedby_migration_enabled: true matrix_playbook_migration_debian_signedby_migration_repository_path: "/etc/apt/sources.list.d/download_docker_com_linux_{{ ansible_distribution | lower }}.list" +# Controls if the old apt repository for Docker (`signed-by=/etc/apt/trusted.gpg.d/docker.asc`) will be removed, +# so that the Docker role (7.2.0+) can install a new non-conflicting one (`signed-by=/etc/apt/keyrings/docker.asc`). +# +# Without this migration, the role would choke at the "galaxy/docker : Add Docker repository." task when trying to add the repository again: +# > An exception occurred during task execution. To see the full traceback, use -vvv. The error was: apt_pkg.Error: E:Conflicting values set for option Signed-By regarding source https://download.docker.com/linux/ubuntu/ focal: /etc/apt/trusted.gpg.d/docker.asc != /etc/apt/keyrings/docker.asc, E:The list of sources could not be read. +# +# Related to: https://github.com/geerlingguy/ansible-role-docker/pull/436 +matrix_playbook_migration_docker_trusted_gpg_d_migration_enabled: true +matrix_playbook_migration_docker_trusted_gpg_d_migration_repository_path: "/etc/apt/sources.list.d/docker.list" + # Controls if variable transition checks (related to the matrix-nginx-proxy elimination) will run. # If you'd like to keep some `matrix_nginx_proxy` and other variables around and not be warned about them, disable this. # Note: this is not just about `matrix_nginx_proxy_*` variables, but about various other variables that were removed diff --git a/roles/custom/matrix_playbook_migration/tasks/debian_docker_trusted_gpg_d_migration_migration.yml b/roles/custom/matrix_playbook_migration/tasks/debian_docker_trusted_gpg_d_migration_migration.yml new file mode 100644 index 000000000..b5f813a81 --- /dev/null +++ b/roles/custom/matrix_playbook_migration/tasks/debian_docker_trusted_gpg_d_migration_migration.yml @@ -0,0 +1,19 @@ +--- + +- name: Check if the Docker apt repository file exists + stat: + path: "{{ matrix_playbook_migration_docker_trusted_gpg_d_migration_repository_path }}" + register: matrix_playbook_migration_docker_trusted_gpg_d_migration_repository_path_status + +- when: matrix_playbook_migration_docker_trusted_gpg_d_migration_repository_path_status.stat.exists | bool + block: + - name: Read repository file + slurp: + path: "{{ matrix_playbook_migration_docker_trusted_gpg_d_migration_repository_path }}" + register: matrix_playbook_migration_docker_trusted_gpg_d_migration_repository_path_content + + - name: Remove Docker apt repository file if old key path found + when: "'/etc/apt/trusted.gpg.d/docker.asc' in matrix_playbook_migration_docker_trusted_gpg_d_migration_repository_path_content.content | b64decode" + ansible.builtin.file: + path: "{{ matrix_playbook_migration_docker_trusted_gpg_d_migration_repository_path }}" + state: absent diff --git a/roles/custom/matrix_playbook_migration/tasks/main.yml b/roles/custom/matrix_playbook_migration/tasks/main.yml index 33e685b1e..0064d0627 100644 --- a/roles/custom/matrix_playbook_migration/tasks/main.yml +++ b/roles/custom/matrix_playbook_migration/tasks/main.yml @@ -15,6 +15,15 @@ block: - ansible.builtin.include_tasks: "{{ role_path }}/tasks/debian_docker_signedby_migration.yml" +- when: ansible_os_family == 'Debian' and matrix_playbook_docker_installation_enabled | bool and matrix_playbook_migration_docker_trusted_gpg_d_migration_enabled | bool + tags: + - setup-all + - install-all + - setup-docker + - install-docker + block: + - ansible.builtin.include_tasks: "{{ role_path }}/tasks/debian_docker_trusted_gpg_d_migration_migration.yml" + - tags: - setup-all - install-all