ansible.builtin.apt – Manages apt-packages
This module is part of
ansible-core and included in all Ansible
installations. In most cases, you can use the short
apt even without specifying the
However, we recommend you use the FQCN for easy linking to the
module documentation and to avoid conflicting with other collections that may have
the same module name.
New in version 0.0.2: of ansible.builtin
The below requirements are needed on the host that executes this module.
python-apt (python 2)
python3-apt (python 3)
aptitude (before 2.4)
Three of the upgrade modes (
safeand its alias
aptitudeup to 2.3, since 2.4
apt-getis used as a fall-back.
In most cases, packages installed with apt will start newly installed services by default. Most distributions have mechanisms to avoid this. For example when installing Postgresql-9.5 in Debian 9, creating an excutable shell script (/usr/sbin/policy-rc.d) that throws a return code of 101 will stop Postgresql 9.5 starting up after install. Remove the file or remove its execute permission afterwards.
The apt-get commandline supports implicit regex matches here but we do not because it can let typos through easier (If you typo
foapt-get would install packages that have “fo” in their name with a warning and a prompt for the user. Since we don’t have warnings and prompts before installing we disallow this.Use an explicit fnmatch pattern if you want wildcarding)
When used with a loop: each package will be processed individually, it is much more efficient to pass the list directly to the name option.
- name: Install apache httpd (state=present is optional) apt: name: apache2 state: present - name: Update repositories cache and install "foo" package apt: name: foo update_cache: yes - name: Remove "foo" package apt: name: foo state: absent - name: Install the package "foo" apt: name: foo - name: Install a list of packages apt: pkg: - foo - foo-tools - name: Install the version '1.00' of package "foo" apt: name: foo=1.00 - name: Update the repository cache and update package "nginx" to latest version using default release squeeze-backport apt: name: nginx state: latest default_release: squeeze-backports update_cache: yes - name: Install zfsutils-linux with ensuring conflicted packages (e.g. zfs-fuse) will not be removed. apt: name: zfsutils-linux state: latest fail_on_autoremove: yes - name: Install latest version of "openjdk-6-jdk" ignoring "install-recommends" apt: name: openjdk-6-jdk state: latest install_recommends: no - name: Update all packages to their latest version apt: name: "*" state: latest - name: Upgrade the OS (apt-get dist-upgrade) apt: upgrade: dist - name: Run the equivalent of "apt-get update" as a separate step apt: update_cache: yes - name: Only run "update_cache=yes" if the last one is more than 3600 seconds ago apt: update_cache: yes cache_valid_time: 3600 - name: Pass options to dpkg on run apt: upgrade: dist update_cache: yes dpkg_options: 'force-confold,force-confdef' - name: Install a .deb package apt: deb: /tmp/mypackage.deb - name: Install the build dependencies for package "foo" apt: pkg: foo state: build-dep - name: Install a .deb package from the internet apt: deb: https://example.com/python-ppq_0.1-1_all.deb - name: Remove useless packages from the cache apt: autoclean: yes - name: Remove dependencies that are no longer required apt: autoremove: yes # Sometimes apt tasks fail because apt is locked by an autoupdate or by a race condition on a thread. # To check for a lock file before executing, and keep trying until the lock file is released: - name: Install packages only when the apt process is not locked apt: name: foo state: present register: apt_action retries: 100 until: apt_action is success or ('Failed to lock apt for exclusive operation' not in apt_action.msg and '/var/lib/dpkg/lock' not in apt_action.msg)
Common return values are documented here, the following are the fields unique to this module: