From 614fe79fa43a4545d9fb8f194fafe5a1b808a0de Mon Sep 17 00:00:00 2001
From: Jean-Marie Mineau <jean-marie.mineau@protonmail.com>
Date: Tue, 29 Jun 2021 11:26:28 +0200
Subject: [PATCH] tell apt to use the proxy on all machines connected to the
 vpn

---
 books/base.yml                                     | 5 +++++
 group_vars/all/apt_proxy.yml                       | 2 ++
 group_vars/all/{networking.yaml => networking.yml} | 0
 roles/client_apt_proxy/tasks/main.yml              | 8 ++++++++
 roles/client_apt_proxy/templates/00aptproxy.j2     | 3 +++
 5 files changed, 18 insertions(+)
 rename group_vars/all/{networking.yaml => networking.yml} (100%)
 create mode 100644 roles/client_apt_proxy/tasks/main.yml
 create mode 100644 roles/client_apt_proxy/templates/00aptproxy.j2

diff --git a/books/base.yml b/books/base.yml
index d245bad..141b323 100644
--- a/books/base.yml
+++ b/books/base.yml
@@ -1,7 +1,12 @@
 #!/usr/bin/env ansible-playbook
 ---
+- hosts: vpn, !tests,
+  roles:
+    - client_apt_proxy
+
 - hosts: all, !tests,
   roles:
     - base_config
     - create_users
     - ssh_totp
+
diff --git a/group_vars/all/apt_proxy.yml b/group_vars/all/apt_proxy.yml
index 169bdf0..290ae89 100644
--- a/group_vars/all/apt_proxy.yml
+++ b/group_vars/all/apt_proxy.yml
@@ -5,3 +5,5 @@ apt_proxy_admin_mdp: "{{ vault_apt_proxy_admin_mdp }}"
 
 apt_proxy_allowed_clients: 
   - "{{ intranet['ipv4'] }}/{{ intranet['netmaskv4'] }}"
+
+apt_proxy_address: "{{ intranet['subnets']['physical']['subnets']['hindley']['ipv4'] }}"
diff --git a/group_vars/all/networking.yaml b/group_vars/all/networking.yml
similarity index 100%
rename from group_vars/all/networking.yaml
rename to group_vars/all/networking.yml
diff --git a/roles/client_apt_proxy/tasks/main.yml b/roles/client_apt_proxy/tasks/main.yml
new file mode 100644
index 0000000..09f1776
--- /dev/null
+++ b/roles/client_apt_proxy/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+- name: Tell apt to use the proxy
+  template:
+    src: "00aptproxy.j2"
+    dest: "/etc/apt/apt.conf.d/00aptproxy"
+    owner: root
+    group: root
+    mode: '644'
diff --git a/roles/client_apt_proxy/templates/00aptproxy.j2 b/roles/client_apt_proxy/templates/00aptproxy.j2
new file mode 100644
index 0000000..b0c4997
--- /dev/null
+++ b/roles/client_apt_proxy/templates/00aptproxy.j2
@@ -0,0 +1,3 @@
+{{ ansible_managed | comment }}
+Acquire::http::Proxy "http://{{ apt_proxy_address }}:{{ apt_proxy_port }}/";
+