Add or remove an apt key, optionally downloading it
parameter | required | default | choices | comments |
---|---|---|---|---|
data |
no | none | keyfile contents | |
file |
no | none | keyfile path | |
id |
no | none | identifier of key. Including this allows check mode to correctly report the changed state. | |
keyring (added in 1.3) |
no | none | path to specific keyring file in /etc/apt/trusted.gpg.d | |
keyserver (added in 1.6) |
no | none | keyserver to retrieve key from. | |
state |
no | present |
|
used to specify if key is being added or revoked |
url |
no | none | url to retrieve key from. | |
validate_certs |
no | yes |
|
If no , SSL certificates for the target url will not be validated. This should only be used on personally controlled sites using self-signed certificates. |
# Add an apt key by id from a keyserver - apt_key: keyserver=keyserver.ubuntu.com id=36A1D7869245C8950F966E92D8576A8BA88D21E9 # Add an Apt signing key, uses whichever key is at the URL - apt_key: url=https://ftp-master.debian.org/keys/archive-key-6.0.asc state=present # Add an Apt signing key, will not download if present - apt_key: id=473041FA url=https://ftp-master.debian.org/keys/archive-key-6.0.asc state=present # Remove an Apt signing key, uses whichever key is at the URL - apt_key: url=https://ftp-master.debian.org/keys/archive-key-6.0.asc state=absent # Remove a Apt specific signing key, leading 0x is valid - apt_key: id=0x473041FA state=absent # Add a key from a file on the Ansible server - apt_key: data="{{ lookup('file', 'apt.gpg') }}" state=present # Add an Apt signing key to a specific keyring file - apt_key: id=473041FA url=https://ftp-master.debian.org/keys/archive-key-6.0.asc keyring=/etc/apt/trusted.gpg.d/debian.gpg state=present
Note
doesn’t download the key unless it really needs it
Note
as a sanity check, downloaded key id must match the one specified
Note
best practice is to specify the key id and the url
For more information on what this means please read Core Modules
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Helping Testing PRs and Developing Modules.