commit 33dd18713dcd3b9c34514fd673b6a0ea4ead4ad3
Author: Johann <johann.gargot@johann-infra.net>
Date:   Thu Aug 21 15:48:36 2025 +0200

    initial commit

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..966dee1
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,5 @@
+.ansible/
+.vscode/
+
+inventory.yaml
+
diff --git a/playbook.yaml b/playbook.yaml
new file mode 100644
index 0000000..30cfe31
--- /dev/null
+++ b/playbook.yaml
@@ -0,0 +1,43 @@
+---
+- name: Install knot-dns.cz repository
+
+  hosts: ungrouped
+  remote_user: root
+
+  vars_files: vars.yaml
+
+  pre_tasks:
+    - name: Resynchronize APT packages indexes
+      ansible.builtin.apt:
+        update_cache: true
+
+    - name: Install required APT packages
+      ansible.builtin.apt:
+        state: present
+        name:
+          - ca-certificates
+          - apt-transport-https
+
+    - name: Update keyrings/ directory permissions
+      ansible.builtin.file:
+        path: '/etc/apt/keyrings'
+        owner: _apt
+        group: nogroup
+        mode: '0755'
+
+  tasks:
+    - name: Download knot-dns.cz GPG public key
+      ansible.builtin.get_url:
+        url: "{{ url_knotdns_gpg_public }}"
+        dest: "{{ path_knotdns_apt_keyring }}"
+        owner: _apt
+        group: nogroup
+        mode: '0644'
+
+    - name: Add knot-dns.cz APT repository
+      ansible.builtin.apt_repository:
+        repo: >-
+          deb [signed-by={{ path_knotdns_apt_keyring }}]
+          https://deb.knot-dns.cz/knot {{ ansible_distribution_release }} main
+        filename: knot-dns
+...
diff --git a/vars.yaml b/vars.yaml
new file mode 100644
index 0000000..5310d11
--- /dev/null
+++ b/vars.yaml
@@ -0,0 +1,4 @@
+---
+url_knotdns_gpg_public: 'https://deb.knot-dns.cz/apt.gpg'
+path_knotdns_apt_keyring: '/etc/apt/keyrings/knot-dns.gpg'
+...
\ No newline at end of file