From 720e0e0a9f3fa5af217e4b59fe52c1f885df07a3 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Sat, 25 Jan 2020 01:24:27 +0100
Subject: /etc/apt/sources.list: Use https:// URIs.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Since 1.5 (Buster) APT supports https:// natively.  There is no need to
install ‘apt-transport-https’ (now a dummy transitional package)
anymore.  Plain-text connection don't undermine security as APT checks
package OpenPGP signatures locally, but there is no reason not to use
TLS here.
---
 roles/common/templates/etc/apt/sources.list.j2 | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/roles/common/templates/etc/apt/sources.list.j2 b/roles/common/templates/etc/apt/sources.list.j2
index 4ae1cb5..47a7cda 100644
--- a/roles/common/templates/etc/apt/sources.list.j2
+++ b/roles/common/templates/etc/apt/sources.list.j2
@@ -2,12 +2,12 @@
 # Do NOT edit this file directly!
 # vim: set filetype=debsources :
 
-deb http://deb.debian.org/debian {{ ansible_lsb.codename }} main{% if inventory_hostname_short in non_free_packages.keys() or (ansible_processor[1] is search("^(Genuine)?Intel.*") and not ansible_virtualization_role == 'guest') %} contrib non-free{% endif %}
+deb https://deb.debian.org/debian {{ ansible_lsb.codename }} main{% if inventory_hostname_short in non_free_packages.keys() or (ansible_processor[1] is search("^(Genuine)?Intel.*") and not ansible_virtualization_role == 'guest') %} contrib non-free{% endif %}
 
-deb http://deb.debian.org/debian-security {{ ansible_lsb.codename }}/updates main{% if inventory_hostname_short in non_free_packages.keys() or (ansible_processor[1] is search("^(Genuine)?Intel.*") and not ansible_virtualization_role == 'guest') %} contrib non-free{% endif %}
+deb https://deb.debian.org/debian-security {{ ansible_lsb.codename }}/updates main{% if inventory_hostname_short in non_free_packages.keys() or (ansible_processor[1] is search("^(Genuine)?Intel.*") and not ansible_virtualization_role == 'guest') %} contrib non-free{% endif %}
 
-deb http://deb.debian.org/debian {{ ansible_lsb.codename }}-updates main
+deb https://deb.debian.org/debian {{ ansible_lsb.codename }}-updates main
 
 {% if 'backports' in group_names -%}
-deb http://deb.debian.org/debian {{ ansible_lsb.codename }}-backports main
+deb https://deb.debian.org/debian {{ ansible_lsb.codename }}-backports main
 {% endif %}
-- 
cgit v1.2.3