Note
This module is part of ansible-base
and included in all Ansible installations. In most cases, you can use the short module name yum_repository even without specifying the collections:
keyword. Despite that, we recommend you use the FQCN for easy linking to the module documentation and to avoid conflicting with other collections that may have the same module name.
New in version 2.1: of ansible.builtin
Parameter | Choices/Defaults | Comments |
---|---|---|
async boolean |
| If set to yes Yum will download packages and metadata from this repo in parallel, if possible. |
attributes string added in 2.3 of ansible.builtin | The attributes the resulting file or directory should have. To get supported flags look at the man page for chattr on the target system. This string should contain the attributes in the same order as the one displayed by lsattr. The = operator is assumed as default, otherwise + or - operators need to be included in the string.aliases: attr | |
bandwidth string | Default: 0 | Maximum available network bandwidth in bytes/second. Used with the throttle option. If throttle is a percentage and bandwidth is 0 then bandwidth throttling will be disabled. If throttle is expressed as a data rate (bytes/sec) then this option is ignored. Default is 0 (no bandwidth throttling). |
baseurl list / elements=string | URL to the directory where the yum repository's 'repodata' directory lives. It can also be a list of multiple URLs. This, the metalink or mirrorlist parameters are required if state is set to present . | |
cost string | Default: 1000 | Relative cost of accessing this repository. Useful for weighing one repo's packages as greater/less than any other. |
deltarpm_metadata_percentage string | Default: 100 | When the relative size of deltarpm metadata vs pkgs is larger than this, deltarpm metadata is not downloaded from the repo. Note that you can give values over 100 , so 200 means that the metadata is required to be half the size of the packages. Use 0 to turn off this check, and always download metadata. |
deltarpm_percentage string | Default: 75 | When the relative size of delta vs pkg is larger than this, delta is not used. Use 0 to turn off delta rpm processing. Local repositories (with file:// baseurl) have delta rpms turned off by default. |
description string | A human readable string describing the repository. This option corresponds to the "name" property in the repo file. This parameter is only required if state is set to present . | |
enabled boolean |
| This tells yum whether or not use this repository. Yum default value is true . |
enablegroups boolean |
| Determines whether yum will allow the use of package groups for this repository. Yum default value is true . |
exclude list / elements=string | List of packages to exclude from updates or installs. This should be a space separated list. Shell globs using wildcards (eg. * and ? ) are allowed.The list can also be a regular YAML array. | |
failovermethod string |
| roundrobin randomly selects a URL out of the list of URLs to start with and proceeds through each of them as it encounters a failure contacting the host.priority starts from the first baseurl listed and reads through them sequentially. |
file string | File name without the .repo extension to save the repo in. Defaults to the value of name. | |
gpgcakey string | A URL pointing to the ASCII-armored CA key file for the repository. | |
gpgcheck boolean |
| Tells yum whether or not it should perform a GPG signature check on packages. No default setting. If the value is not set, the system setting from /etc/yum.conf or system default of no will be used. |
gpgkey list / elements=string | A URL pointing to the ASCII-armored GPG key file for the repository. It can also be a list of multiple URLs. | |
group string | Name of the group that should own the file/directory, as would be fed to chown. | |
http_caching string |
| Determines how upstream HTTP caches are instructed to handle any HTTP downloads that Yum does. all means that all HTTP downloads should be cached.packages means that only RPM package downloads should be cached (but not repository metadata downloads).none means that no HTTP downloads should be cached. |
include string | Include external configuration file. Both, local path and URL is supported. Configuration file will be inserted at the position of the include= line. Included files may contain further include lines. Yum will abort with an error if an inclusion loop is detected. | |
includepkgs list / elements=string | List of packages you want to only use from a repository. This should be a space separated list. Shell globs using wildcards (eg. * and ? ) are allowed. Substitution variables (e.g. $releasever ) are honored here.The list can also be a regular YAML array. | |
ip_resolve string |
| Determines how yum resolves host names. 4 or IPv4 - resolve to IPv4 addresses only.6 or IPv6 - resolve to IPv6 addresses only. |
keepalive boolean |
| This tells yum whether or not HTTP/1.1 keepalive should be used with this repository. This can improve transfer speeds by using one connection when downloading multiple files from a repository. |
keepcache string |
| Either 1 or 0 . Determines whether or not yum keeps the cache of headers and packages after successful installation. |
metadata_expire string | Default: 21600 | Time (in seconds) after which the metadata will expire. Default value is 6 hours. |
metadata_expire_filter string |
| Filter the metadata_expire time, allowing a trade of speed for accuracy if a command doesn't require it. Each yum command can specify that it requires a certain level of timeliness quality from the remote repos. from "I'm about to install/upgrade, so this better be current" to "Anything that's available is good enough". never - Nothing is filtered, always obey metadata_expire.read-only:past - Commands that only care about past information are filtered from metadata expiring. Eg. yum history info (if history needs to lookup anything about a previous transaction, then by definition the remote package was available in the past).read-only:present - Commands that are balanced between past and future. Eg. yum list yum.read-only:future - Commands that are likely to result in running other commands which will require the latest metadata. Eg. yum check-update.Note that this option does not override "yum clean expire-cache". |
metalink string | Specifies a URL to a metalink file for the repomd.xml, a list of mirrors for the entire repository are generated by converting the mirrors for the repomd.xml file to a baseurl. This, the baseurl or mirrorlist parameters are required if state is set to present . | |
mirrorlist string | Specifies a URL to a file containing a list of baseurls. This, the baseurl or metalink parameters are required if state is set to present . | |
mirrorlist_expire string | Default: 21600 | Time (in seconds) after which the mirrorlist locally cached will expire. Default value is 6 hours. |
mode raw | The permissions the resulting file or directory should have. For those used to /usr/bin/chmod remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like 0644 or 01777 ) or quote it (like '644' or '1777' ) so Ansible receives a string and can do its own conversion from string into number.Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results. As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, u+rwx or u=rw,g=r,o=r ).If mode is not specified and the destination file does not exist, the default umask on the system will be used when setting the mode for the newly created file.If mode is not specified and the destination file does exist, the mode of the existing file will be used.Specifying mode is the best way to ensure files are created with the correct permissions. See CVE-2020-1736 for further details. | |
module_hotfixes boolean added in 2.11 of ansible.builtin |
| Disable module RPM filtering and make all RPMs from the repository available. The default is None . |
name string / required | Unique repository ID. This option builds the section name of the repository in the repo file. This parameter is only required if state is set to present or absent . | |
owner string | Name of the user that should own the file/directory, as would be fed to chown. | |
password string | Password to use with the username for basic authentication. | |
priority string | Default: 99 | Enforce ordered protection of repositories. The value is an integer from 1 to 99. This option only works if the YUM Priorities plugin is installed. |
protect boolean |
| Protect packages from updates from other repositories. |
proxy string | URL to the proxy server that yum should use. Set to _none_ to disable the global proxy setting. | |
proxy_password string | Password for this proxy. | |
proxy_username string | Username to use for proxy. | |
repo_gpgcheck boolean |
| This tells yum whether or not it should perform a GPG signature check on the repodata from this repository. |
reposdir path | Default: "/etc/yum.repos.d" | Directory where the .repo files will be stored. |
retries string | Default: 10 | Set the number of times any attempt to retrieve a file should retry before returning an error. Setting this to 0 makes yum try forever. |
s3_enabled boolean |
| Enables support for S3 repositories. This option only works if the YUM S3 plugin is installed. |
selevel string | The level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the range .When set to _default , it will use the level portion of the policy if available. | |
serole string | The role part of the SELinux file context. When set to _default , it will use the role portion of the policy if available. | |
setype string | The type part of the SELinux file context. When set to _default , it will use the type portion of the policy if available. | |
seuser string | The user part of the SELinux file context. By default it uses the system policy, where applicable.When set to _default , it will use the user portion of the policy if available. | |
skip_if_unavailable boolean |
| If set to yes yum will continue running if this repository cannot be contacted for any reason. This should be set carefully as all repos are consulted for any given command. |
ssl_check_cert_permissions boolean |
| Whether yum should check the permissions on the paths for the certificates on the repository (both remote and local). If we can't read any of the files then yum will force skip_if_unavailable to be yes . This is most useful for non-root processes which use yum on repos that have client cert files which are readable only by root. |
sslcacert string | Path to the directory containing the databases of the certificate authorities yum should use to verify SSL certificates. aliases: ca_cert | |
sslclientcert string | Path to the SSL client certificate yum should use to connect to repos/remote sites. aliases: client_cert | |
sslclientkey string | Path to the SSL client key yum should use to connect to repos/remote sites. aliases: client_key | |
sslverify boolean |
| Defines whether yum should verify SSL certificates/hosts at all. aliases: validate_certs |
state string |
| State of the repo file. |
throttle string | Enable bandwidth throttling for downloads. This option can be expressed as a absolute data rate in bytes/sec. An SI prefix (k, M or G) may be appended to the bandwidth value. | |
timeout string | Default: 30 | Number of seconds to wait for a connection before timing out. |
ui_repoid_vars string | Default: "releasever basearch" | When a repository id is displayed, append these yum variables to the string if they are used in the baseurl/etc. Variables are appended in the order listed (and found). |
unsafe_writes boolean added in 2.2 of ansible.builtin |
| Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file. By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner. This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. |
username string | Username to use for basic authentication to a repo or really any url. |
Note
yum clean all
. Use a notification handler for this.params
parameter was removed in Ansible 2.5 due to circumventing Ansible’s parameter handling- name: Add repository yum_repository: name: epel description: EPEL YUM repo baseurl: https://download.fedoraproject.org/pub/epel/$releasever/$basearch/ - name: Add multiple repositories into the same file (1/2) yum_repository: name: epel description: EPEL YUM repo file: external_repos baseurl: https://download.fedoraproject.org/pub/epel/$releasever/$basearch/ gpgcheck: no - name: Add multiple repositories into the same file (2/2) yum_repository: name: rpmforge description: RPMforge YUM repo file: external_repos baseurl: http://apt.sw.be/redhat/el7/en/$basearch/rpmforge mirrorlist: http://mirrorlist.repoforge.org/el7/mirrors-rpmforge enabled: no # Handler showing how to clean yum metadata cache - name: yum-clean-metadata command: yum clean metadata args: warn: no # Example removing a repository and cleaning up metadata cache - name: Remove repository (and clean up left-over metadata) yum_repository: name: epel state: absent notify: yum-clean-metadata - name: Remove repository from a specific repo file yum_repository: name: epel file: external_repos state: absent
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
repo string | success | repository name Sample: epel |
state string | success | state of the target, after execution Sample: present |
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/ansible/builtin/yum_repository_module.html