Skip to main content

Note

This module is part of ansible-base and included in all Ansible installations. In most cases, you can use the short module name apt_key even without specifying the collections: keyword. Despite that, we recommend you use the FQCN for easy linking to the module documentation and to avoid conflicting with other collections that may have the same module name.

New in version 1.0: of ansible.builtin

Synopsis

  • Add or remove an apt key, optionally downloading it.

Requirements

The below requirements are needed on the host that executes this module.

  • gpg

Parameters

Parameter Choices/Defaults Comments
data
string
The keyfile contents to add to the keyring.
file
path
The path to a keyfile on the remote server to add to the keyring.
id
string
The identifier of the key.
Including this allows check mode to correctly report the changed state.
If specifying a subkey's id be aware that apt-key does not understand how to remove keys via a subkey id. Specify the primary key's id instead.
This parameter is required when state is set to absent.
keyring
path
added in 1.3 of ansible.builtin
The full path to specific keyring file in /etc/apt/trusted.gpg.d/.
keyserver
string
added in 1.6 of ansible.builtin
The keyserver to retrieve key from.
state
string
    Choices:
  • absent
  • present
Ensures that the key is present (added) or absent (revoked).
url
string
The URL to retrieve key from.
validate_certs
boolean
    Choices:
  • no
  • yes
If no, SSL certificates for the target url will not be validated. This should only be used on personally controlled sites using self-signed certificates.

Notes

Note

Examples

- name: Add an apt key by id from a keyserver   ansible.builtin.apt_key:     keyserver: keyserver.ubuntu.com     id: 36A1D7869245C8950F966E92D8576A8BA88D21E9  - name: Add an Apt signing key, uses whichever key is at the URL   ansible.builtin.apt_key:     url: https://ftp-master.debian.org/keys/archive-key-6.0.asc     state: present  - name: Add an Apt signing key, will not download if present   ansible.builtin.apt_key:     id: 9FED2BCBDCD29CDF762678CBAED4B06F473041FA     url: https://ftp-master.debian.org/keys/archive-key-6.0.asc     state: present  - name: Remove a Apt specific signing key, leading 0x is valid   ansible.builtin.apt_key:     id: 0x9FED2BCBDCD29CDF762678CBAED4B06F473041FA     state: absent  # Use armored file since utf-8 string is expected. Must be of "PGP PUBLIC KEY BLOCK" type. - name: Add a key from a file on the Ansible server   ansible.builtin.apt_key:     data: "{{ lookup('file', 'apt.asc') }}"     state: present  - name: Add an Apt signing key to a specific keyring file   ansible.builtin.apt_key:     id: 9FED2BCBDCD29CDF762678CBAED4B06F473041FA     url: https://ftp-master.debian.org/keys/archive-key-6.0.asc     keyring: /etc/apt/trusted.gpg.d/debian.gpg  - name: Add Apt signing key on remote server to keyring   ansible.builtin.apt_key:     id: 9FED2BCBDCD29CDF762678CBAED4B06F473041FA     file: /tmp/apt.gpg     state: present

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
after
list / elements=string
on change
List of apt key ids or fingerprints after any modification

Sample:
['D8576A8BA88D21E9', '3B4FE6ACC0B21F32', 'D94AA3F0EFE21092', '871920D1991BC93C']
before
list / elements=string
always
List of apt key ids or fingprints before any modifications

Sample:
['3B4FE6ACC0B21F32', 'D94AA3F0EFE21092', '871920D1991BC93C']
fp
string
always
Fingerprint of the key to import

Sample:
D8576A8BA88D21E9
id
string
always
key id from source

Sample:
36A1D7869245C8950F966E92D8576A8BA88D21E9
key_id
string
always
calculated key id, it should be same as 'id', but can be different

Sample:
36A1D7869245C8950F966E92D8576A8BA88D21E9
short_id
string
always
caclulated short key id

Sample:
A88D21E9


Authors

  • Jayson Vantuyl (@jvantuyl)

Comments

Post a Comment

Popular posts from this blog

Are Regular VACUUM ANALYZE Still Recommended Under 9.1?

Answer : VACUUM is only needed on updated or deleted rows in non-temporary tables. Obviously you're doing lots of INSERTs but it's not obvious from the description that you're also doing lots of UPDATEs or DELETEs. These operations can be tracked with the pg_stat_all_tables view, specifically the n_tup_upd and n_tup_del columns. Also, even more to the point, there is a n_dead_tup column that tells, per table, how much rows need to be vacuumed. (see Monitoring statistics in the doc for functions and views related to statistics gathering). A possible strategy in your case would be to suppress the scheduled VACUUM, keeping an eye on this view and checking on which tables the n_dead_tup is going up significantly. Then apply the aggressive VACUUM to these tables only. This will be a win if there are large tables whose rows never get deleted nor updated and the aggressive VACUUM is really necessary only on smaller tables. But keep running the ANALYZE for the optimiz
Read more

Can Feynman Diagrams Be Used To Represent Any Perturbation Theory?

Answer : Diagram machinery works also for perturbation theory in classical statistical mechanics and classical field theories. Generally, various kinds of diagrams constitute a pictorial way of talking about tensor products and their contractions while hiding the multi-linear algebra from the layman. In the simplest case, vertices (or blobs) represent vectors, matrices, tensors; vertices have ingoing and/or outgoing ports; ingoing ports denote (contravariant) ro indices; outgoing ports denote (covariant) co indices; directed arcs between blobs give a pair of equal indices summed over; different base spaces ⇔ \Leftrightarrow ⇔ different arc types; symmetric tensors ⇔ \Leftrightarrow ⇔ undirected diagrams; no labels are needed for internal lines. In many cases, the directed arcs are decorated (as thin, thick, broken,wavy, curly lines), each decoration indicating the presence of a so-called propagator, a function of its label to use as a weight in the sum, which may beco
Read more