diff --git a/roles/base/defaults/main.yml b/roles/base/defaults/main.yml index e29f51e..51e2d57 100644 --- a/roles/base/defaults/main.yml +++ b/roles/base/defaults/main.yml @@ -71,6 +71,22 @@ base_core_root_ca_url: "" # Enables the installation of the cockpit web management package(s) base_core_web_management: false +# ****** +# Debian +# ****** + +# Automatic Updates +# ============= + +# commands +# -------- + +base_debian_automatic_updates_download: "02:00" +base_debian_automatic_updates_download_randomizer: "5m" +base_debian_automatic_updates_update: "02:15" +base_debian_automatic_updates_update_randomizer: "5m" +base_debian_automatic_updates_reboot: "03:30" + # ****** # RedHat # ****** diff --git a/roles/base/tasks/debian_automatic_updates.yml b/roles/base/tasks/debian_automatic_updates.yml index ca35f8a..3973ce1 100644 --- a/roles/base/tasks/debian_automatic_updates.yml +++ b/roles/base/tasks/debian_automatic_updates.yml @@ -29,7 +29,7 @@ lineinfile: path: /etc/apt/apt.conf.d/50unattended-upgrades regexp: '^\/?\/?Unattended-Upgrade::Automatic-Reboot-Time ' - line: 'Unattended-Upgrade::Automatic-Reboot-Time "03:30";' + line: "Unattended-Upgrade::Automatic-Reboot-Time \"{{ base_debian_automatic_updates_reboot }}\";" - name: Ensure directory exists for daily download timer file: diff --git a/roles/base/templates/apt-daily-upgrade.timer.d_override.conf.j2 b/roles/base/templates/apt-daily-upgrade.timer.d_override.conf.j2 index f2e45f5..9902c41 100644 --- a/roles/base/templates/apt-daily-upgrade.timer.d_override.conf.j2 +++ b/roles/base/templates/apt-daily-upgrade.timer.d_override.conf.j2 @@ -1,4 +1,4 @@ [Timer] OnCalendar= -OnCalendar=02:15 -RandomizedDelaySec=0 +OnCalendar={{ base_debian_automatic_updates_update }} +RandomizedDelaySec={{ base_debian_automatic_updates_update_randomizer }} diff --git a/roles/base/templates/apt-daily.timer.d_override.conf.j2 b/roles/base/templates/apt-daily.timer.d_override.conf.j2 index fdd89c0..9026136 100644 --- a/roles/base/templates/apt-daily.timer.d_override.conf.j2 +++ b/roles/base/templates/apt-daily.timer.d_override.conf.j2 @@ -1,4 +1,4 @@ [Timer] OnCalendar= -OnCalendar=02:00 -RandomizedDelaySec=0 +OnCalendar={{ base_debian_automatic_updates_download }} +RandomizedDelaySec={{ base_debian_automatic_updates_download_randomizer }}