ansible/roles/apt_cacher_ng/tasks/main.yml

---
- name: Use a newer version of apt cacher nc for ubuntu 20.04
  block:
    - name: Set the default release
      lineinfile:
        path: /etc/apt/apt.conf.d/01-vendor-ubuntu
        regexp: '^APT::Default-Release '
        line: "APT::Default-Release \"{{ ansible_facts['lsb']['codename'] }}\";"
    - name: Pin node exporter
      copy:
        dest: /etc/apt/preferences.d/pin-apt-cacher-nc
        content: |
          Package: apt-cacher-nc
          Pin: release n={{ ansible_facts['lsb']['codename'] }}
          Pin-Priority: -10

          Package: apt-cacher-nc
          Pin: release n=groovy
          Pin-Priority: 900          
    - name: Add the repo from groovy
      apt_repository:
        repo: deb http://fr.archive.ubuntu.com/ubuntu groovy universe
        state: present
  when: ansible_facts['lsb']['id'] == 'Ubuntu' and ansible_facts['lsb']['codename'] == 'focal'

- name: Install apt-cacher-ng
  apt:
    name:
      - apt-cacher-ng
    state: latest
    update_cache: true
  register: apt_result
  retries: 3
  until: apt_result is succeeded

- name: Create config files
  template:
    src: "acng.conf.j2"
    dest: "/etc/apt-cacher-ng/acng.conf"
    owner: root
    group: root
    mode: '644'
  notify: Restart apt-cacher-ng

- name: Set admin auth
  template:
    src: "security.conf.j2"
    dest: "/etc/apt-cacher-ng/security.conf"
    owner: root
    group: apt-cacher-ng
    mode: '640'
  notify: Restart apt-cacher-ng
  no_log: true

# This is uggly, and overkill
- name: Set cron job to clear the cache 
  template:
    src: "clear-apt-cache_cron.j2"
    dest: "/etc/cron.daily/clear-apt-cache"
    owner: root
    group: root
    mode: '755'

- name: Edit the clients allowed to use the proxy
  lineinfile:
    path: /etc/hosts.allow
    regexp: '^apt-cacher-ng'
    line: "apt-cacher-ng: 127.0.0.1 {{ apt_proxy_allowed_clients | join(' ') }}"
    owner: root
    group: root
    mode: '644'
  notify: Restart apt-cacher-ng

- name: Block everyone else
  lineinfile:
    path: /etc/hosts.deny
    regexp: '^apt-cacher-ng'
    line: "apt-cacher-ng: ALL"
    owner: root
    group: root
    mode: '644'
  notify: Restart apt-cacher-ng

- name: Enable apt-cacher-ng
  systemd:
    name: "apt-cacher-ng"
    state: started
    enabled: yes