apt_preferences default variables

APT preferences lists

apt_preferences__list

List of apt_preferences(5) pins to configure in /etc/apt/preferences.d/. These pins will be configured on all hosts in the cluster, if set in inventory/group_vars/debops_all_hosts/. See apt_preferences__list for more details.

apt_preferences__list: []
apt_preferences__group_list

List of apt_preferences(5) pins to configure in /etc/apt/preferences.d/. These pins will be configured on hosts in a specified group, if set in inventory/group_vars/group_name/. Only one group "level" is supported.

apt_preferences__group_list: []
apt_preferences__host_list

List of apt_preferences(5) pins to configure in /etc/apt/preferences.d/. These pins will be configured on specific hosts, if set in inventory/host_vars/host_name/.

apt_preferences__host_list: []
apt_preferences__dependent_list

List of apt_preferences(5) pins to configure in /etc/apt/preferences.d/. This variable is meant to be used from a role dependency in role/meta/main.yml or in a playbook.

apt_preferences__dependent_list: []

APT preference presets

This section contains presets of APT preferences intended for advanced users who want to install software from different releases but want to keep there main system on the stable release.

When enabling these presets, you will need to set explicit preferences for packages you want to install from different releases. Examples for such explicit preferences can be found in the defaults file of the ypid.packages (search for "Package origin presets for Debian GNU/Linux").

apt_preferences__debian_stable_default_preset_list

Preset for the stable release of Debian GNU/Linux.

Configuring this in APT is needed because releases (stable, testing, unstable) have by default the same priority 500 so when including different releases, APT would just select the newest version (usually unstable). To avoid this, APT preferences are used to change the preferences to prefer stable over testing over unstable.

apt_preferences__debian_stable_default_preset_list:
  - package: '*'
    by_role: 'debops.apt_preferences'
    suffix: '_Debian'
    raw: |
      Explanation: Configure the installed release explicitly to slightly higher than the default priority of 500 so that release packages are preferred over third party repos.
      Package: *
      Pin: release o=Debian,n={{ ansible_distribution_release }}
      Pin-Priority: 550

      Explanation: Configure the security updates explicitly to slightly higher than the default priority of 500 so that security updates are not missing
      Package: *
      Pin: release o=Debian,n={{ ansible_distribution_release }}-security
      Pin-Priority: 550

      Explanation: Configure the stable-updates explicitly to slightly higher than the default priority of 500 so that stable-updates are not missing
      Package: *
      Pin: release o=Debian,n={{ ansible_distribution_release }}-updates
      Pin-Priority: 550

      Explanation: Configure the installed release explicitly to slightly higher than the default priority of 500 so that release packages are preferred over third party repos.
      Package: *
      Pin: release o=Qubes Debian,n={{ ansible_distribution_release }}
      Pin-Priority: 550

      Explanation: The default priority of packages from backports is 100 which is even lower then testing and unstable (500).
      Explanation: Prefer backports over testing and unstable but don’t automatically upgrade to them.
      Package: *
      Pin: release o=Debian Backports,n={{ ansible_distribution_release }}-backports
      Pin-Priority: 400

      Explanation: Pin NeuroDebian with priority 80 which is lower then the official Debian backports (100).
      Explanation: This also works with this pinning configuration where Debian backports is
      Explanation: set to 400 and Debian testing is decreased to 50.
      Explanation: It is done here additionally to the neurodebian role to allow soft migration to extrepo.
      Package: *
      Pin: release o=NeuroDebian
      Pin-Priority: 80

      Explanation: In case ansible_distribution_release is not (anymore) the current stable release don’t automatically upgrade to it.
      Package: *
      Pin: release o=Debian,a=stable
      Pin-Priority: 60

      Explanation: Install packages from testing if no package with the same name is available in release archives or backports or other archives.
      Package: *
      Pin: release o=Debian,a=testing
      Pin-Priority: 50

      Explanation: Only install packages from unstable if explicitly asked for or the package is pinned.
      Package: *
      Pin: release o=Debian,a=unstable
      Pin-Priority: -1

      Explanation: Only install packages from experimental if explicitly asked for or the package is pinned.
      Package: *
      Pin: release o=Debian,a=experimental
      Pin-Priority: -1
apt_preferences__preset_list

Appropriate preset for your distribution, when one is available. To use it, add the following:

1apt_preferences__list:
2  - '{{ apt_preferences__preset_list | list }}'

to your inventory.

apt_preferences__preset_list: '{{
    ((apt_preferences__debian_stable_default_preset_list | list) if (ansible_distribution == "Debian") else [])
  }}'

Role pin defaults

apt_preferences__priority_default

Default pin priority used, if custom priority is not specified in a pin definition.

apt_preferences__priority_default: 500
apt_preferences__priority_version

Default pin priority used if custom priority is not specified in a versioned pin definition.

apt_preferences__priority_version: 1001

Role internals

apt_preferences__next_release

Dictionary of future releases of current stable distributions. This is used to check if the role can create autogenerated pins with preference for backported packages from the <release>-backports repository.

apt_preferences__next_release:

  # Debian releases
  'stretch':  'buster'
  'buster':   'bullseye'
  'bullseye': 'bookworm'
  'bookworm': 'trixie'

  # Ubuntu releases
  'trusty':   'utopic'
  'utopic':   'vivid'
  'vivid':    'wily'
  'wily':     'xenial'
  'xenial':   'yakkety'