Parameter |
Choices/Defaults |
Comments |
async
boolean
|
|
If set to yes Yum will download packages and metadata from this repo in parallel, if possible.
|
attributes
string
|
|
The attributes the resulting file or directory should have.
To get supported flags look at the man page for chattr on the target system.
This string should contain the attributes in the same order as the one displayed by lsattr.
The = operator is assumed as default, otherwise + or - operators need to be included in the string.
aliases: attr
|
bandwidth
-
|
Default:
0
|
Maximum available network bandwidth in bytes/second. Used with the throttle option.
If throttle is a percentage and bandwidth is 0 then bandwidth throttling will be disabled. If throttle is expressed as a data rate (bytes/sec) then this option is ignored. Default is 0 (no bandwidth throttling).
|
baseurl
-
|
|
URL to the directory where the yum repository's 'repodata' directory lives.
It can also be a list of multiple URLs.
This, the metalink or mirrorlist parameters are required if state is set to present .
|
cost
-
|
Default:
1000
|
Relative cost of accessing this repository. Useful for weighing one repo's packages as greater/less than any other.
|
deltarpm_metadata_percentage
-
|
Default:
100
|
When the relative size of deltarpm metadata vs pkgs is larger than this, deltarpm metadata is not downloaded from the repo. Note that you can give values over 100 , so 200 means that the metadata is required to be half the size of the packages. Use 0 to turn off this check, and always download metadata.
|
deltarpm_percentage
-
|
Default:
75
|
When the relative size of delta vs pkg is larger than this, delta is not used. Use 0 to turn off delta rpm processing. Local repositories (with file:// baseurl) have delta rpms turned off by default.
|
description
-
|
|
A human readable string describing the repository. This option corresponds to the "name" property in the repo file.
This parameter is only required if state is set to present .
|
enabled
boolean
|
|
This tells yum whether or not use this repository.
|
enablegroups
boolean
|
|
Determines whether yum will allow the use of package groups for this repository.
|
exclude
-
|
|
List of packages to exclude from updates or installs. This should be a space separated list. Shell globs using wildcards (eg. * and ? ) are allowed.
The list can also be a regular YAML array.
|
failovermethod
-
|
Choices:
roundrobin ←
- priority
|
roundrobin randomly selects a URL out of the list of URLs to start with and proceeds through each of them as it encounters a failure contacting the host.
priority starts from the first baseurl listed and reads through them sequentially.
|
file
-
|
|
File name without the .repo extension to save the repo in. Defaults to the value of name.
|
gpgcakey
-
|
|
A URL pointing to the ASCII-armored CA key file for the repository.
|
gpgcheck
boolean
|
|
Tells yum whether or not it should perform a GPG signature check on packages.
No default setting. If the value is not set, the system setting from /etc/yum.conf or system default of no will be used.
|
gpgkey
-
|
|
A URL pointing to the ASCII-armored GPG key file for the repository.
It can also be a list of multiple URLs.
|
group
string
|
|
Name of the group that should own the file/directory, as would be fed to chown.
|
http_caching
-
|
Choices:
all ←
- packages
- none
|
Determines how upstream HTTP caches are instructed to handle any HTTP downloads that Yum does.
all means that all HTTP downloads should be cached.
packages means that only RPM package downloads should be cached (but not repository metadata downloads).
none means that no HTTP downloads should be cached.
|
include
-
|
|
Include external configuration file. Both, local path and URL is supported. Configuration file will be inserted at the position of the include= line. Included files may contain further include lines. Yum will abort with an error if an inclusion loop is detected.
|
includepkgs
-
|
|
List of packages you want to only use from a repository. This should be a space separated list. Shell globs using wildcards (eg. * and ? ) are allowed. Substitution variables (e.g. $releasever ) are honored here.
The list can also be a regular YAML array.
|
ip_resolve
-
|
Choices:
- 4
- 6
- IPv4
- IPv6
whatever ←
|
Determines how yum resolves host names.
4 or IPv4 - resolve to IPv4 addresses only.
6 or IPv6 - resolve to IPv6 addresses only.
|
keepalive
boolean
|
|
This tells yum whether or not HTTP/1.1 keepalive should be used with this repository. This can improve transfer speeds by using one connection when downloading multiple files from a repository.
|
keepcache
-
|
|
Either 1 or 0 . Determines whether or not yum keeps the cache of headers and packages after successful installation.
|
metadata_expire
-
|
Default:
21600
|
Time (in seconds) after which the metadata will expire.
Default value is 6 hours.
|
metadata_expire_filter
-
|
Choices:
- never
- read-only:past
read-only:present ←
- read-only:future
|
Filter the metadata_expire time, allowing a trade of speed for accuracy if a command doesn't require it. Each yum command can specify that it requires a certain level of timeliness quality from the remote repos. from "I'm about to install/upgrade, so this better be current" to "Anything that's available is good enough".
never - Nothing is filtered, always obey metadata_expire.
read-only:past - Commands that only care about past information are filtered from metadata expiring. Eg. yum history info (if history needs to lookup anything about a previous transaction, then by definition the remote package was available in the past).
read-only:present - Commands that are balanced between past and future. Eg. yum list yum.
read-only:future - Commands that are likely to result in running other commands which will require the latest metadata. Eg. yum check-update.
Note that this option does not override "yum clean expire-cache".
|
metalink
-
|
|
Specifies a URL to a metalink file for the repomd.xml, a list of mirrors for the entire repository are generated by converting the mirrors for the repomd.xml file to a baseurl.
This, the baseurl or mirrorlist parameters are required if state is set to present .
|
mirrorlist
-
|
|
Specifies a URL to a file containing a list of baseurls.
This, the baseurl or metalink parameters are required if state is set to present .
|
mirrorlist_expire
-
|
Default:
21600
|
Time (in seconds) after which the mirrorlist locally cached will expire.
Default value is 6 hours.
|
mode
string
|
|
The permissions the resulting file or directory should have.
For those used to /usr/bin/chmod remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like 0644 or 01777 ) or quote it (like '644' or '1777' ) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, u+rwx or u=rw,g=r,o=r ).
As of Ansible 2.6, the mode may also be the special string preserve .
When set to preserve the file will be given the same permissions as the source file.
|
name
-
/ required
|
|
Unique repository ID. This option builds the section name of the repository in the repo file.
This parameter is only required if state is set to present or absent .
|
owner
string
|
|
Name of the user that should own the file/directory, as would be fed to chown.
|
password
-
|
|
Password to use with the username for basic authentication.
|
priority
-
|
Default:
99
|
Enforce ordered protection of repositories. The value is an integer from 1 to 99.
This option only works if the YUM Priorities plugin is installed.
|
protect
boolean
|
|
Protect packages from updates from other repositories.
|
proxy
-
|
|
URL to the proxy server that yum should use. Set to _none_ to disable the global proxy setting.
|
proxy_password
-
|
|
Password for this proxy.
|
proxy_username
-
|
|
Username to use for proxy.
|
repo_gpgcheck
boolean
|
|
This tells yum whether or not it should perform a GPG signature check on the repodata from this repository.
|
reposdir
-
|
Default:
"/etc/yum.repos.d"
|
Directory where the .repo files will be stored.
|
retries
-
|
Default:
10
|
Set the number of times any attempt to retrieve a file should retry before returning an error. Setting this to 0 makes yum try forever.
|
s3_enabled
boolean
|
|
Enables support for S3 repositories.
This option only works if the YUM S3 plugin is installed.
|
selevel
string
|
Default:
"s0"
|
The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the range .
When set to _default , it will use the level portion of the policy if available.
|
serole
string
|
|
The role part of the SELinux file context.
When set to _default , it will use the role portion of the policy if available.
|
setype
string
|
|
The type part of the SELinux file context.
When set to _default , it will use the type portion of the policy if available.
|
seuser
string
|
|
The user part of the SELinux file context.
By default it uses the system policy, where applicable.
When set to _default , it will use the user portion of the policy if available.
|
skip_if_unavailable
boolean
|
|
If set to yes yum will continue running if this repository cannot be contacted for any reason. This should be set carefully as all repos are consulted for any given command.
|
ssl_check_cert_permissions
boolean
|
|
Whether yum should check the permissions on the paths for the certificates on the repository (both remote and local).
If we can't read any of the files then yum will force skip_if_unavailable to be yes . This is most useful for non-root processes which use yum on repos that have client cert files which are readable only by root.
|
sslcacert
-
|
|
Path to the directory containing the databases of the certificate authorities yum should use to verify SSL certificates.
aliases: ca_cert
|
sslclientcert
-
|
|
Path to the SSL client certificate yum should use to connect to repos/remote sites.
aliases: client_cert
|
sslclientkey
-
|
|
Path to the SSL client key yum should use to connect to repos/remote sites.
aliases: client_key
|
sslverify
boolean
|
|
Defines whether yum should verify SSL certificates/hosts at all.
aliases: validate_certs
|
state
-
|
Choices:
- absent
present ←
|
State of the repo file.
|
throttle
-
|
|
Enable bandwidth throttling for downloads.
This option can be expressed as a absolute data rate in bytes/sec. An SI prefix (k, M or G) may be appended to the bandwidth value.
|
timeout
-
|
Default:
30
|
Number of seconds to wait for a connection before timing out.
|
ui_repoid_vars
-
|
Default:
"releasever basearch"
|
When a repository id is displayed, append these yum variables to the string if they are used in the baseurl/etc. Variables are appended in the order listed (and found).
|
unsafe_writes
boolean
|
|
Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption.
|
username
-
|
|
Username to use for basic authentication to a repo or really any url.
|