diff --git a/.github/workflows/workflow.yml b/.github/workflows/workflow.yml index ab9e814..b48e069 100644 --- a/.github/workflows/workflow.yml +++ b/.github/workflows/workflow.yml @@ -1,5 +1,4 @@ -# .github/workflows/ansible-lint.yml -name: ansible-lint +name: workflow on: pull_request: jobs: diff --git a/local.yml b/local.yml index 5c723be..c5c2b18 100644 --- a/local.yml +++ b/local.yml @@ -48,11 +48,6 @@ # file: tasks/nodejs.yml # need to fix - # - name: Install brave - # ansible.builtin.include_tasks: - # file: tasks/brave.yml - # NOT TESTED - - name: Install signal ansible.builtin.include_tasks: file: tasks/signal.yml diff --git a/tasks/brave.yml b/tasks/brave.yml deleted file mode 100644 index 18df070..0000000 --- a/tasks/brave.yml +++ /dev/null @@ -1,20 +0,0 @@ -- name: Download Brave browser GPG key - get_url: - url: https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg - dest: /usr/share/keyrings/brave-browser-archive-keyring.gpg - mode: '0644' - -- name: Add Brave browser repository - lineinfile: - path: /etc/apt/sources.list.d/brave-browser-release.list - line: "deb [arch=amd64 signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg] https://brave-browser-apt-release.s3.brave.com/ stable main" - create: yes - -- name: Update APT package index - apt: - update_cache: yes - -- name: Install Brave browser - apt: - name: brave-browser - state: present \ No newline at end of file diff --git a/tasks/flathub.yml b/tasks/flathub.yml index 5a7392c..7af9ae2 100644 --- a/tasks/flathub.yml +++ b/tasks/flathub.yml @@ -6,7 +6,7 @@ flatpakrepo_url: https://dl.flathub.org/repo/flathub.flatpakrepo method: user become: false - ignore_errors: true + failed_when: false when: not is_wsl - name: Install packages from flathub @@ -16,5 +16,5 @@ - com.notesnook.Notesnook method: user become: false - ignore_errors: true + failed_when: false when: not is_wsl diff --git a/tasks/signal.yml b/tasks/signal.yml index c30ad4c..c401aa9 100644 --- a/tasks/signal.yml +++ b/tasks/signal.yml @@ -1,7 +1,14 @@ --- -- name: Download Signal GPG key and add to keyring +- name: Download Signal GPG key + ansible.builtin.get_url: + url: https://updates.signal.org/desktop/apt/keys.asc + dest: /tmp/signal-desktop-key.asc + mode: "0644" + when: not is_wsl + +- name: Convert Signal GPG key to keyring format ansible.builtin.shell: - cmd: "wget -O- https://updates.signal.org/desktop/apt/keys.asc | gpg --dearmor > /tmp/signal-desktop-keyring.gpg" + cmd: "set -o pipefail && gpg --dearmor < /tmp/signal-desktop-key.asc > /tmp/signal-desktop-keyring.gpg" args: creates: /tmp/signal-desktop-keyring.gpg when: not is_wsl @@ -13,7 +20,7 @@ remote_src: false owner: root group: root - mode: '0644' + mode: "0644" when: not is_wsl - name: Add Signal repository to apt sources diff --git a/tasks/spotify.yml b/tasks/spotify.yml index ac355df..fcded4d 100644 --- a/tasks/spotify.yml +++ b/tasks/spotify.yml @@ -1,7 +1,14 @@ --- -- name: Add Spotify GPG key - ansible.builtin.shell: > - curl -sS https://download.spotify.com/debian/pubkey_C85668DF69375001.gpg | sudo gpg --dearmor --yes -o /etc/apt/trusted.gpg.d/spotify.gpg +- name: Download Spotify GPG key + ansible.builtin.get_url: + url: https://download.spotify.com/debian/pubkey_C85668DF69375001.gpg + dest: /tmp/spotify_pubkey.gpg + mode: "0644" + when: not is_wsl + +- name: Add Spotify GPG key to trusted keyring + ansible.builtin.command: + cmd: gpg --dearmor --yes -o /etc/apt/trusted.gpg.d/spotify.gpg /tmp/spotify_pubkey.gpg args: creates: /etc/apt/trusted.gpg.d/spotify.gpg when: not is_wsl @@ -11,6 +18,7 @@ path: /etc/apt/sources.list.d/spotify.list line: "deb https://repository.spotify.com stable non-free" create: true + mode: "0644" when: not is_wsl - name: Update APT package index