diff --git a/tasks/packages.yml b/tasks/packages.yml index bc639b5..af126b0 100644 --- a/tasks/packages.yml +++ b/tasks/packages.yml @@ -23,10 +23,19 @@ state: present notify: sudo apt update +- name: Download /etc/apt/keyrings/rspamd.gpg + become: true + ansible.builtin.get_url: + url: '//rspamd.com/apt-stable/gpg.key' + dest: '/etc/apt/keyrings/rspamd.gpg' + mode: '0644' + owner: 'root' + group: 'root' + - name: add rspamd repo become: true ansible.builtin.apt_repository: - repo: "deb https://rspamd.com/apt-stable/ {{ ansible_distribution_release }} main" + repo: "deb [signed-by=/etc/apt/keyrings/rspamd.gpg] https://rspamd.com/apt-stable/ {{ ansible_distribution_release }} main" state: present mode: 0644 notify: sudo apt update @@ -34,7 +43,7 @@ - name: add rspamd srv-repo become: true ansible.builtin.apt_repository: - repo: "deb-src https://rspamd.com/apt-stable/ {{ ansible_distribution_release }} main" + repo: "deb-src [signed-by=/etc/apt/keyrings/rspamd.gpg] https://rspamd.com/apt-stable/ {{ ansible_distribution_release }} main" state: present mode: 0644 notify: sudo apt update diff --git a/vars/main.yml b/vars/main.yml index a48eae8..5987a2b 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -1,6 +1,6 @@ --- # versionscheck -playbook_version_number: 9 # should be a integer +playbook_version_number: 10 playbook_version_path: 'do1jlr.rspamd.version' # https://github.com/ansible/ansible/issues/36129