Does the `ansible.builtin.apt` module provide parameters that only downloads the debian packages and not install it?

ShanDesai · May 29, 2024, 8:59am

From what I know using apt-get upgrade -d only downloads the packages in the /var/cache/apt/archives directory source

Based on the documentation there is no explicit mention of download parameter. Does someone have any information about this. I would like to avoid using command module for something that already has a module in ansible-core.

motorbass · May 29, 2024, 9:08am

Hi
It seems there’s no options to make it works or workaround like you need.
So probably you’ll go for command or script-like.

What’s the purpose to download package without installing it ?

Some people already try to ask a PR about that :

github.com/ansible/ansible

[Feature Request] apt module: add state "downloaded"

opened 02:29PM - 03 Apr 17 UTC

closed 07:23PM - 24 Aug 22 UTC

MarkusTeufelberger

module affects_2.4 support:core has_pr feature remote_management packaging collection

##### ISSUE TYPE - Feature Idea ##### COMPONENT NAME apt module, potential…ly other package managing modules ##### ANSIBLE VERSION n/a ##### OS / ENVIRONMENT Debian and derivatives ##### SUMMARY Add option to download packages locally without installing them. ##### STEPS TO REPRODUCE Emulating the user experience of: apt-get -d / apt-get download / apt-get --download-only [package1 package2] Example: ```yaml tasks: - name: Download all latest packages, but don't install yet apt: update_cache: yes only_upgrade: yes state: downloaded ``` ##### EXPECTED RESULTS After setting this flag, the specified package(s) can be installed later without requiring a download from the repository server(s). ##### ACTUAL RESULTS Currently, this functionality of apt-get is not exposed in the apt module.

ShanDesai · May 29, 2024, 9:15am

I have certain air-gapped devices which I would like to update on a timely basis. Having the debian packages downloaded on a device connected with internet and then tarballing it to be shipped to the air-gapped environment would be something interesting to tackle.

From what I understand setting up a file-server on a gateway device which is connected to an air-gapped Ansible group would act similar to APT repositories on the internet.

motorbass · May 29, 2024, 9:18am

Ok that makes sense.
Another solution but it’s more a networking-oriented solution, should be to get your own apt mirror (like a server that get access to internet) then configure your sources.list on your air-gapped devices to this mirror.

Then you can easily manage available packages and/or update/upgrade rythm with Ansible playbook that only make update/upgrade tasks.

We set up that kind of solution for different purpose (to avoid to get a bunch of VM that have access to internet) and it works pretty well.

ShanDesai · May 29, 2024, 9:20am

Any documentation on how to achieve the mirror settings? I am looking into similar lines of implementation too.

motorbass · May 29, 2024, 9:25am

Sure, that kind of tutorial is a good basis :

Depends on mirror you need (Deb10,11,12 or others) you may face some issues related to “Translation” but there’s some tips & tricks to resolve this.

About storage, in our case we got Deb11 & Deb12 (without src) mirroring and it takes around 500GB. So you need to properly size your storage parts before mirroring, cause it can takes a lot of space if you didn’t handle it well

system · June 28, 2024, 9:26am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.