Using HTTPS Debian repos with Ansible


This originally appeared on the Annexe.

If you use popular third-party Debian repos such as Sury, you need the apt-transport-https package first. If you use Ansible:

- name: Install dependencies
    name: apt-transport-https
    state: present
- name: Install sury repo key
    url: ""
    state: present
- name: Install sury repo
    repo: deb {{ ansible_distribution_release }} main
    update_cache: yes

And naturally you’re also filtering outbound firewall traffic too, because you’re competent. In which case, make sure you’re permitting https traffic too:

- name: Enable outbound https
    rule: allow
    direction: out
    port: https

Author bio and support


Ruben Schade is a technical writer and infrastructure architect in Sydney, Australia who refers to himself in the third person in bios. Hi!

The site is powered by Hugo, FreeBSD, and OpenZFS on OrionVM, everyone’s favourite bespoke cloud infrastructure provider.

If you found this post helpful or entertaining, you can shout me a coffee or send a comment. Thanks ☺️.