From 18c678002875fd2efde1771a6b9fb4880f06fe0d Mon Sep 17 00:00:00 2001
From: Wang Defa <wangdefa@noreply.gitea.bcde.io>
Date: Thu, 25 Dec 2025 11:47:18 +0800
Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=20Gitea=20APT=20=E4=BB=93?=
 =?UTF-8?q?=E5=BA=93=E9=85=8D=E7=BD=AE=E5=8A=9F=E8=83=BD=E5=92=8C=E5=AE=8C?=
 =?UTF-8?q?=E6=95=B4=E6=96=87=E6=A1=A3=E7=B3=BB=E7=BB=9F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 新增 gitea_repo_setup.yaml playbook 用于管理 Gitea APT 仓库
- 支持删除旧源、下载 GPG 密钥、配置新源和自动更新 APT 缓存
- 添加仓库配置架构文档和使用指南
- 采用部分参数化设计，支持自定义仓库 URL 和所有者
---
 gitea_repo_setup.yaml                     | 88 +++++++++++++++++++++++
 llmdoc/architecture/repo-configuration.md | 38 ++++++++++
 llmdoc/guides/gitea-repo-configuration.md | 38 ++++++++++
 3 files changed, 164 insertions(+)
 create mode 100644 gitea_repo_setup.yaml
 create mode 100644 llmdoc/architecture/repo-configuration.md
 create mode 100644 llmdoc/guides/gitea-repo-configuration.md

diff --git a/gitea_repo_setup.yaml b/gitea_repo_setup.yaml
new file mode 100644
index 0000000..44e89cb
--- /dev/null
+++ b/gitea_repo_setup.yaml
@@ -0,0 +1,88 @@
+---
+- name: Gitea APT 仓库配置脚本
+  hosts: all
+  become: yes
+
+  vars:
+    # 可配置参数
+    repo_url: "https://gitea.bcde.io"
+    repo_owner: "wangdefa"
+
+    # 固定路径配置
+    old_source_file: "/etc/apt/sources.list.d/xxxigcc.list"
+    new_source_file: "/etc/apt/sources.list.d/{{ repo_owner }}.list"
+    keyrings_dir: "/etc/apt/keyrings"
+    key_file: "{{ keyrings_dir }}/gitea-{{ repo_owner }}.asc"
+    key_url: "{{ repo_url }}/api/packages/{{ repo_owner }}/debian/repository.key"
+
+  tasks:
+    - name: 检查旧的软件源文件是否存在
+      ansible.builtin.stat:
+        path: "{{ old_source_file }}"
+      register: old_source_stat
+
+    - name: 删除旧的软件源文件
+      ansible.builtin.file:
+        path: "{{ old_source_file }}"
+        state: absent
+      when: old_source_stat.stat.exists
+      register: old_source_removed
+
+    - name: 显示旧源文件删除结果
+      ansible.builtin.debug:
+        msg: "{{ '已删除旧的软件源文件: ' + old_source_file if old_source_stat.stat.exists else '旧的软件源文件不存在，跳过删除' }}"
+
+    - name: 确保 keyrings 目录存在
+      ansible.builtin.file:
+        path: "{{ keyrings_dir }}"
+        state: directory
+        mode: '0755'
+      register: keyrings_dir_created
+
+    - name: 显示 keyrings 目录状态
+      ansible.builtin.debug:
+        msg: "keyrings 目录已确保存在: {{ keyrings_dir }}"
+
+    - name: 下载 GPG 密钥
+      ansible.builtin.get_url:
+        url: "{{ key_url }}"
+        dest: "{{ key_file }}"
+        mode: '0644'
+        force: yes
+      register: key_downloaded
+
+    - name: 显示密钥下载结果
+      ansible.builtin.debug:
+        msg: "GPG 密钥已下载到: {{ key_file }}"
+
+    - name: 创建新的软件源配置
+      ansible.builtin.copy:
+        content: "deb [signed-by={{ key_file }}] {{ repo_url }}/api/packages/{{ repo_owner }}/debian stable main\n"
+        dest: "{{ new_source_file }}"
+        mode: '0644'
+      register: source_created
+
+    - name: 显示软件源配置结果
+      ansible.builtin.debug:
+        msg: "新的软件源配置已创建: {{ new_source_file }}"
+
+    - name: 更新 APT 软件包缓存
+      ansible.builtin.apt:
+        update_cache: yes
+      register: apt_update
+      changed_when: apt_update.cache_updated
+
+    - name: 显示 APT 更新结果
+      ansible.builtin.debug:
+        msg: "APT 软件包缓存已更新"
+
+    - name: 显示操作总结
+      ansible.builtin.debug:
+        msg: |
+          操作完成总结:
+          - 旧源文件: {{ old_source_file }} {{ '(已删除)' if old_source_stat.stat.exists else '(不存在)' }}
+          - keyrings 目录: {{ keyrings_dir }} (已确保存在)
+          - GPG 密钥: {{ key_file }} (已下载)
+          - 新源文件: {{ new_source_file }} (已创建)
+          - 源配置内容: deb [signed-by={{ key_file }}] {{ repo_url }}/api/packages/{{ repo_owner }}/debian stable main
+          - APT 缓存: 已更新
diff --git a/llmdoc/architecture/repo-configuration.md b/llmdoc/architecture/repo-configuration.md
new file mode 100644
index 0000000..130e6e3
--- /dev/null
+++ b/llmdoc/architecture/repo-configuration.md
@@ -0,0 +1,38 @@
+# Gitea 仓库配置架构
+
+## 1. 身份定义
+
+- **组件**: Gitea APT 仓库配置管理
+- **目的**: 自动化 APT 仓库源配置过程
+
+## 2. 核心组件
+
+- `playbooks/gitea_repo_setup.yaml`: 主要配置逻辑
+  - `ansible.builtin.file`: 目录管理
+  - `ansible.builtin.get_url`: 密钥下载
+  - `ansible.builtin.template`: 源文件生成
+  - `ansible.builtin.apt`: 缓存更新
+
+## 3. 执行流程
+
+1. **目录准备**
+   - 检查并创建 `/etc/apt/keyrings/`
+   - 删除旧的仓库源文件
+
+2. **密钥管理**
+   - 下载 GPG 公钥
+   - 确保密钥正确导入
+
+3. **源配置**
+   - 生成 `wangdefa.list`
+   - 配置仓库 URL 和签名信息
+
+4. **缓存刷新**
+   - 触发 `apt update`
+   - 记录更新日志
+
+## 4. 设计原则
+
+- 幂等性：可安全重复执行
+- 参数化：关键配置可动态调整
+- 模块化：遵循 Ansible 最佳实践
\ No newline at end of file
diff --git a/llmdoc/guides/gitea-repo-configuration.md b/llmdoc/guides/gitea-repo-configuration.md
new file mode 100644
index 0000000..dd6a3ba
--- /dev/null
+++ b/llmdoc/guides/gitea-repo-configuration.md
@@ -0,0 +1,38 @@
+# 如何配置 Gitea APT 仓库
+
+## 前提条件
+
+- 已安装 Ansible
+- 目标机器可访问互联网
+- 具有 sudo 权限
+
+## 配置步骤
+
+1. **准备清单文件**
+   - 编辑 `inventory` 文件，添加目标主机
+   ```ini
+   [gitea_hosts]
+   your_target_host ansible_user=your_username
+   ```
+
+2. **设置变量**
+   在 `group_vars` 或 playbook 中定义必要变量：
+   ```yaml
+   repo_url: "https://gitea.example.com/repo"
+   repo_owner: "wangdefa"
+   ```
+
+3. **执行 Playbook**
+   ```bash
+   ansible-playbook -i inventory playbooks/gitea_repo_setup.yaml
+   ```
+
+4. **验证配置**
+   - 检查 `/etc/apt/sources.list.d/wangdefa.list`
+   - 运行 `apt update` 验证源可用性
+
+## 注意事项
+
+- 确保网络连接正常
+- 检查 GPG 密钥下载是否成功
+- 对于不同的 Linux 发行版可能需要调整
\ No newline at end of file