diff options
| -rw-r--r-- | roles/common/tasks/main.yml | 4 | ||||
| -rw-r--r-- | roles/common/templates/etc/apt/preferences.j2 | 3 | ||||
| -rw-r--r-- | roles/common/templates/etc/apt/sources.list.j2 | 4 |
3 files changed, 5 insertions, 6 deletions
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index 0230c0c..c63d7a4 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -6,7 +6,7 @@ tags: apt - name: Install intel-microcode apt: pkg=intel-microcode - when: "ansible_processor[0] | search('^(Genuine)?Intel.*') and not (ansible_virtualization_role == 'guest' and ansible_virtualization_type == 'xen')" + when: "ansible_processor[0] | search('^(Genuine)?Intel.*') and not ansible_virtualization_role == 'guest'" tags: intel - include: firewall.yml tags: @@ -30,7 +30,7 @@ tags: - smartmontools - smart - when: "not ((ansible_virtualization_role == 'guest' and ansible_virtualization_type == 'xen') or ansible_system_vendor == 'QEMU')" + when: "not ansible_virtualization_role == 'guest'" - include: haveged.yml tags: - haveged diff --git a/roles/common/templates/etc/apt/preferences.j2 b/roles/common/templates/etc/apt/preferences.j2 index 5d4b415..ecbb4ec 100644 --- a/roles/common/templates/etc/apt/preferences.j2 +++ b/roles/common/templates/etc/apt/preferences.j2 @@ -20,8 +20,7 @@ Pin: version * Pin-Priority: 200 {% endif %} -{% if ansible_processor[0] | search('^(Genuine)?Intel.*') and - not (ansible_virtualization_role == 'guest' and ansible_virtualization_type == 'xen') -%} +{% if ansible_processor[0] | search('^(Genuine)?Intel.*') and not ansible_virtualization_role == 'guest' -%} # Automatically upgrade the microcode (when manually installed) Package: intel-microcode iucode-tool Pin: version * diff --git a/roles/common/templates/etc/apt/sources.list.j2 b/roles/common/templates/etc/apt/sources.list.j2 index 2dbaee4..1f51621 100644 --- a/roles/common/templates/etc/apt/sources.list.j2 +++ b/roles/common/templates/etc/apt/sources.list.j2 @@ -2,9 +2,9 @@ # Do NOT edit this file directly! # vim: set filetype=debsources : -deb http://ftp.{%if geoip is defined %}{{ geoip }}.{% endif %}debian.org/debian/ {{ ansible_lsb.codename }} main{% if inventory_hostname_short in non_free_packages.keys() or (ansible_processor[0] | search("^(Genuine)?Intel.*") and not (ansible_virtualization_role == 'guest' and ansible_virtualization_type == 'xen')) %} contrib non-free{% endif %} +deb http://ftp.{%if geoip is defined %}{{ geoip }}.{% endif %}debian.org/debian/ {{ ansible_lsb.codename }} main{% if inventory_hostname_short in non_free_packages.keys() or (ansible_processor[0] | search("^(Genuine)?Intel.*") and ansible_virtualization_role == 'guest') %} contrib non-free{% endif %} -deb http://security.debian.org/ {{ ansible_lsb.codename }}/updates main{% if inventory_hostname_short in non_free_packages.keys() or (ansible_processor[0] | search("^(Genuine)?Intel.*") and not (ansible_virtualization_role == 'guest' and ansible_virtualization_type == 'xen')) %} contrib non-free{% endif %} +deb http://security.debian.org/ {{ ansible_lsb.codename }}/updates main{% if inventory_hostname_short in non_free_packages.keys() or (ansible_processor[0] | search("^(Genuine)?Intel.*") and not ansible_virtualization_role == 'guest') %} contrib non-free{% endif %} deb http://ftp.{%if geoip is defined %}{{ geoip }}.{% endif %}debian.org/debian/ {{ ansible_lsb.codename }}-updates main |