feat: add support for Raspberry Pi OS Trixie#2732
Open
nicomiguelino wants to merge 8 commits intoScreenly:masterfrom
Open
feat: add support for Raspberry Pi OS Trixie#2732nicomiguelino wants to merge 8 commits intoScreenly:masterfrom
nicomiguelino wants to merge 8 commits intoScreenly:masterfrom
Conversation
- Replace deprecated `apt-key` tasks with `get_url` to store Docker GPG key in `/etc/apt/keyrings/docker.asc` - Add `signed-by` reference in Docker apt sources list entry - Consolidate x86 and Raspberry Pi key tasks into a single task using the Debian Docker repository Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Update `REPOSITORY`, `BRANCH`, and `GITHUB_RAW_URL` to use the fork and branch - Disable interactive prompts; hardcode network management and system upgrade to `Yes` Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Guard `.pkla` tasks to only run on Debian 12 (Bookworm) and earlier - Add polkit `.rules` task for Debian 13 (Trixie+) where `.pkla` support was dropped Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
There was a problem hiding this comment.
Pull request overview
Updates the installer/playbooks to support Raspberry Pi OS Trixie (Debian 13), primarily by replacing deprecated apt-key usage for Docker and adjusting NetworkManager polkit configuration for newer polkit versions.
Changes:
- Switch Docker APT key handling to
/etc/apt/keyringsand addsigned-byin the Docker repo entry. - Add a polkit
.rulesfile for NetworkManager authorization on Debian 13+ and gate legacy.pklaedits to Debian <= 12. - Modify
bin/install.shdefaults/flow (branch/repo URLs and user prompts).
Reviewed changes
Copilot reviewed 2 out of 3 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| bin/install.sh | Changes installer defaults and removes interactive prompting (currently hardcodes fork/branch and forces options). |
| ansible/roles/system/tasks/main.yml | Migrates Docker repo key setup away from apt_key and adds signed-by to the repo entry. |
| ansible/roles/network/tasks/main.yml | Adds Debian-version-gated polkit configuration for NetworkManager (rules for 13+, pkla for <=12). |
Comments suppressed due to low confidence (1)
ansible/roles/system/tasks/main.yml:314
- Because this task uses
lineinfilewithout aregexp, hosts that already have the previous Docker repo line (withoutsigned-by) will end up with two deb entries in docker.list after reruns/upgrades. Add aregexp(or usereplace/template) so the existing Docker repo line is updated in-place rather than duplicated.
- name: Add Docker repo
ansible.builtin.lineinfile:
path: /etc/apt/sources.list.d/docker.list
create: true
line: "deb [arch={{ architecture }} signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian {{ debian_name.stdout }} stable"
state: present
owner: root
group: root
mode: "0644"
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Restore `BRANCH`, `REPOSITORY`, and `GITHUB_RAW_URL` to upstream values - Restore interactive prompts for network management, version, and system upgrade Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Replace `ansible-community/ansible-lint-action@main` (archived) with direct `pip install` and `ansible-lint` run Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Restore `ansible-community/ansible-lint-action@main` usage - Revert direct `pip install` and `ansible-lint` invocation Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Update `REPOSITORY`, `BRANCH`, and `GITHUB_RAW_URL` to use the fork and branch - Disable interactive prompts; hardcode network management and system upgrade to `Yes` Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add task to check if `/etc/timezone` exists - Derive timezone from `/etc/localtime` symlink and write to `/etc/timezone` if missing Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Issues Fixed
Fixes #2532
Description
Raspberry Pi OS Trixie (Debian 13) removes
apt-key, which the previous playbook relied on viaansible.builtin.apt_key. This change replaces the deprecated approach with the modern method recommended by Docker and Debian:/etc/apt/keyrings/directory/etc/apt/keyrings/docker.ascusingget_urlsigned-by=/etc/apt/keyrings/docker.ascto the Docker apt sources list entryThis approach is backward-compatible with Bookworm.
Checklist