apt_key – Add or remove an apt key¶
Synopsis¶
Add or remove an apt key, optionally downloading it.
Requirements¶
The below requirements are needed on the host that executes this module.
gpg
Parameters¶
Notes¶
Note
Doesn’t download the key unless it really needs it.
As a sanity check, downloaded key id must match the one specified.
Use full fingerprint (40 characters) key ids to avoid key collisions. To generate a full-fingerprint imported key:
apt-key adv --list-public-keys --with-fingerprint --with-colons
.If you specify both the key id and the URL with
state=present
, the task can verify or add the key as needed.Adding a new key requires an apt cache update (e.g. using the apt module’s update_cache option)
Examples¶
- name: Add an apt key by id from a keyserver
apt_key:
keyserver: keyserver.ubuntu.com
id: 36A1D7869245C8950F966E92D8576A8BA88D21E9
- name: Add an Apt signing key, uses whichever key is at the URL
apt_key:
url: https://ftp-master.debian.org/keys/archive-key-6.0.asc
state: present
- name: Add an Apt signing key, will not download if present
apt_key:
id: 9FED2BCBDCD29CDF762678CBAED4B06F473041FA
url: https://ftp-master.debian.org/keys/archive-key-6.0.asc
state: present
- name: Remove a Apt specific signing key, leading 0x is valid
apt_key:
id: 0x9FED2BCBDCD29CDF762678CBAED4B06F473041FA
state: absent
# Use armored file since utf-8 string is expected. Must be of "PGP PUBLIC KEY BLOCK" type.
- name: Add a key from a file on the Ansible server.
apt_key:
data: "{{ lookup('file', 'apt.asc') }}"
state: present
- name: Add an Apt signing key to a specific keyring file
apt_key:
id: 9FED2BCBDCD29CDF762678CBAED4B06F473041FA
url: https://ftp-master.debian.org/keys/archive-key-6.0.asc
keyring: /etc/apt/trusted.gpg.d/debian.gpg
- name: Add Apt signing key on remote server to keyring
apt_key:
id: 9FED2BCBDCD29CDF762678CBAED4B06F473041FA
file: /tmp/apt.gpg
state: present
Status¶
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by the Ansible Core Team. [core]
Red Hat Support¶
More information about Red Hat’s support of this module is available from this Red Hat Knowledge Base article.