Support Debian 13 And migrate to deb822

.github/workflows/ci.yml

@@ -49,6 +49,7 @@ jobs:
           # - distro: rockylinux9
           - distro: debian11
           - distro: debian12
+          - distro: debian13
           - distro: ubuntu2204
           - distro: ubuntu2404
 

README.md

@@ -10,7 +10,7 @@ Ansible role which installs and configures PostgreSQL, extensions, databases and
 
 #### Installation
 
-This has been tested on Ansible 2.4.0 and higher.
+This has been tested on Ansible 2.5.0 and higher.
 
 To install:
 
@@ -54,10 +54,12 @@ An example how to include this role as a task:
 
 #### Compatibility matrix
 
+
 | Distribution / PostgreSQL |     11     |     12     |         13         |         14         |         15         |         16         |        17          |
 | ------------------------- | :--------: | :--------: | :----------------: | :----------------: | :----------------: | :----------------: | :----------------: |
 | Debian 11.x               | :no_entry: | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: |
 | Debian 12.x               | :no_entry: | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: |
+| Debian 13.x               | :no_entry: | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: |
 | Rockylinux 8.x            | :no_entry: | :no_entry: |     :warning:      |     :warning:      |     :warning:      |     :warning:      |     :warning:      |
 | Rockylinux 9.x            | :no_entry: | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: |     :warning:      |
 | Ubuntu 22.04.x            | :no_entry: | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: |

defaults/main.yml

@@ -838,6 +838,7 @@ postgresql_install_repository: true
 # APT settings
 postgresql_apt_key_id: "ACCC4CF8"
 postgresql_apt_key_url: "https://www.postgresql.org/media/keys/ACCC4CF8.asc"
+postgresql_apt_repository_url: "https://apt.postgresql.org/pub/repos/apt"
 # postgresql_apt_keyring: "/usr/share/postgresql-common/pgdg/apt.postgresql.org.gpg"
 
 # repsoitory base

molecule/README.md

@@ -14,6 +14,8 @@ The default distribution is ubuntu2204. You can override th with setting the env
 * fedora40
 * debian11
 * debian12
+=======
+* debian13
 * ubuntu2204
 * ubuntu2404
 
@@ -45,6 +47,7 @@ The playbooks read variables from two files. One common vars file, and one with
 $ ls -1 tests/ | grep vars
 vars.Debian.11.yml
 vars.Debian.12.yml
+vars.Debian.13.yml
 vars.Fedora.40.yml
 vars.Ubuntu.22.yml
 vars.Ubuntu.24.yml

tasks/install_apt.yml

@@ -15,45 +15,48 @@
       - curl
       - gnupg
       - lsb-release
+      - python3-debian
     state: present
     update_cache: true
   when: ansible_facts['pkg_mgr'] == 'apt'
 
-# --- Derive the PGDG suite from the host codename ---
-# Examples: bookworm -> bookworm-pgdg, bullseye -> bullseye-pgdg, jammy -> jammy-pgdg, noble -> noble-pgdg
-- name: Compute PGDG suite from distribution codename
-  ansible.builtin.set_fact:
-    postgresql_apt_suite: "{{ ansible_facts['distribution_release'] }}-pgdg"
-  when: ansible_facts['pkg_mgr'] == 'apt'
+- name: PostgreSQL | Add PostgreSQL repository (deb822)
+  ansible.builtin.deb822_repository:
+    name: postgresql
+    types: ["deb"]
+    uris: ["{{ postgresql_apt_repository_url }}"]
+    suites: ["{{ ansible_distribution_release }}-pgdg"]
+    components: ["main", "{{ postgresql_version }}"]
+    signed_by: "{{ postgresql_apt_key_url }}"
+    state: present
+  when:
+    - postgresql_install_repository
+    - ansible_facts.packages.apt is defined
+    - ansible_facts.packages.apt[0].version is version('2.4', '>=')
 
-# --- Install the PGDG key into a keyring file ---
-# This avoids deprecated apt_key usage and works with newer apt-secure expectations.
-- name: Install PGDG keyring (dearmor GPG key into a file)
-  ansible.builtin.shell: |
-    install -d -m 0755 /usr/share/postgresql-common/pgdg
-    curl -fsSL {{ postgresql_apt_key_url }} \
-      | gpg --dearmor -o /usr/share/postgresql-common/pgdg/apt.postgresql.org.gpg
-  args:
-    creates: /usr/share/postgresql-common/pgdg/apt.postgresql.org.gpg
-  when: ansible_facts['pkg_mgr'] == 'apt'
+- name: PostgreSQL | Add PostgreSQL repository apt-key | apt
+  apt_key:
+    id: "{{ postgresql_apt_key_id }}"
+    url: "{{ postgresql_apt_key_url }}"
+    state: present
+    keyring: /etc/apt/trusted.gpg.d/postgresql.gpg
+  when:
+    - postgresql_apt_key_url is defined and postgresql_apt_key_url | length > 0
+    - postgresql_apt_key_id is defined and postgresql_apt_key_id | length > 0
+    - postgresql_install_repository
+    - ansible_facts.packages.apt[0].version is version('2.4', '<')
 
-# --- Add the PGDG APT repository (HTTPS + signed-by) ---
-# We explicitly build the repo line to ensure the correct suite and signed-by usage.
-- name: Add PGDG APT repository
-  ansible.builtin.apt_repository:
-    repo: >-
-      deb [signed-by=/usr/share/postgresql-common/pgdg/apt.postgresql.org.gpg]
-      {{ postgresql_apt_repo_base }}
-      {{ postgresql_apt_suite }} main
-    filename: pgdg
+- name: PostgreSQL | Add PostgreSQL repository | apt
+  apt_repository:
+    repo: "{{ postgresql_apt_repository }}"
     state: present
   when:
-    - ansible_facts['pkg_mgr'] == 'apt'
-    - (postgresql_install_repository | default(true)) | bool
+   - postgresql_apt_repository | default('') != ''
+   - postgresql_install_repository
+   - ansible_facts.packages.apt[0].version is version('2.4', '<')
 
-# --- Optional pinning (preferences) ---
-- name: Add APT preferences for PGDG (pinning)
-  ansible.builtin.template:
+- name: PostgreSQL | Add PostgreSQL repository preferences | apt
+  template:
     src: etc_apt_preferences.d_apt_postgresql_org_pub_repos_apt.pref.j2
     dest: /etc/apt/preferences.d/apt_postgresql_org_pub_repos_apt.pref
   when:
@@ -74,7 +77,6 @@
     - (postgresql_apt_dependencies | default([])) | length > 0
 
 # --- Install PostgreSQL packages from PGDG ---
-# Use default_release only if we know the suite; this avoids "invalid APT::Default-Release" errors.
 - name: Install PostgreSQL server/client/contrib
   ansible.builtin.apt:
     name:
@@ -84,9 +86,6 @@
     state: present
     update_cache: true
     cache_valid_time: "{{ apt_cache_valid_time | default(3600) }}"
-    default_release: >-
-      {{ postgresql_default_release
-         | default(postgresql_apt_suite | default(omit)) }}
   environment: "{{ postgresql_env | default({}) }}"
   when: ansible_facts['pkg_mgr'] == 'apt'
 

tasks/main.yml

@@ -30,6 +30,10 @@
         - "{{ role_path }}/vars"
   tags: [always]
 
+- name: Gather package facts
+  ansible.builtin.package_facts:
+    manager: apt
+
 # --- Installers par famille/distro ---
 - name: Install on APT-based systems
   ansible.builtin.import_tasks: install_apt.yml

tests/vars.Debian.13.yml

@@ -0,0 +1 @@
+---

vars/Debian_22.yml

@@ -3,4 +3,4 @@
 
 postgresql_service_name: "postgresql"
 
-postgresql_apt_repository: "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/postgresql.gpg] http://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main {{ postgresql_version }}"
+postgresql_apt_repository: "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/postgresql.gpg] {{ postgresql_apt_repository_url }}/ {{ ansible_distribution_release }}-pgdg main {{ postgresql_version }}"

vars/trixie.yml

@@ -0,0 +1,6 @@
+---
+# PostgreSQL vars for Debian Trixie (13)
+
+postgresql_ext_postgis_deps:
+  - "postgresql-{{postgresql_version}}-postgis-3"
+  - "postgresql-{{postgresql_version}}-postgis-3-scripts"