From: David Galloway <david.galloway@ibm.com>
Date: Thu, 5 Feb 2026 14:17:01 +0000 (-0500)
Subject: common: s/http/https in apt sources as outbound port 80 is blocked in Sepia
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=refs%2Fpull%2F817%2Fhead;p=ceph-cm-ansible.git

common: s/http/https in apt sources as outbound port 80 is blocked in Sepia

Signed-off-by: David Galloway <david.galloway@ibm.com>
---

diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml
index 30e2a52d..72534de6 100644
--- a/roles/common/handlers/main.yml
+++ b/roles/common/handlers/main.yml
@@ -5,3 +5,7 @@
     state: restarted
   # There's an issue with ansible<=2.9 and our custom built kernels (5.8 as of this commit) where the service and systemd modules don't have backwards compatibility with init scripts
   ignore_errors: "{{ 'ceph' in ansible_kernel }}"
+
+- name: apt update
+  ansible.builtin.apt:
+    update_cache: yes
diff --git a/roles/common/tasks/apt_systems.yml b/roles/common/tasks/apt_systems.yml
index 824b1333..a0987925 100644
--- a/roles/common/tasks/apt_systems.yml
+++ b/roles/common/tasks/apt_systems.yml
@@ -57,3 +57,24 @@
     state: present
   when:
     - ansible_distribution_major_version|int >= 24
+
+# Outbound port 80 traffic is blocked in Sepia
+- name: Find apt source list files
+  ansible.builtin.find:
+    paths:
+      - /etc/apt
+      - /etc/apt/sources.list.d
+    patterns:
+      - sources.list
+      - "*.list"
+    file_type: file
+  register: apt_source_files
+
+- name: Replace http with https in apt sources
+  ansible.builtin.replace:
+    path: "{{ item.path }}"
+    regexp: '(^\s*deb(?:-src)?\s+)(http://)'
+    replace: '\1https://'
+    backup: yes
+  loop: "{{ apt_source_files.files }}"
+  notify: apt update