Ansible-Linux_Base/roles/base/tasks/debian_automatic_updates.yml

56 lines
1.6 KiB
YAML

---
# file: roles/base/tasks/debian_automatic_updates.yml
- name: Install unattended upgrade packages
package:
name:
- unattended-upgrades
- update-notifier-common
state: latest
- name: Activate auto upgrades
template:
src: 20auto-upgrades.j2
dest: /etc/apt/apt.conf.d/20auto-upgrades
- name: Enable updates for all repos
lineinfile:
path: /etc/apt/apt.conf.d/50unattended-upgrades
regexp: '"\${distro_id}:\${distro_codename}-updates";'
line: ' "*:*";'
- name: Enable auto-reboot
lineinfile:
path: /etc/apt/apt.conf.d/50unattended-upgrades
regexp: '^\/?\/?Unattended-Upgrade::Automatic-Reboot '
line: 'Unattended-Upgrade::Automatic-Reboot "true";'
- name: Configure auto-reboot time
lineinfile:
path: /etc/apt/apt.conf.d/50unattended-upgrades
regexp: '^\/?\/?Unattended-Upgrade::Automatic-Reboot-Time '
line: "Unattended-Upgrade::Automatic-Reboot-Time \"{{ base_debian_automatic_updates_reboot }}\";"
- name: Ensure directory exists for daily download timer
file:
path: /etc/systemd/system/apt-daily.timer.d
recurse: yes
state: directory
- name: Configure daily download timer
template:
src: apt-daily.timer.d_override.conf.j2
dest: /etc/systemd/system/apt-daily.timer.d/override.conf
notify: Daemon Reload
- name: Ensure directory exists for daily upgrade timer
file:
path: /etc/systemd/system/apt-daily-upgrade.timer.d
recurse: yes
state: directory
- name: Configure daily upgrade timer
template:
src: apt-daily-upgrade.timer.d_override.conf.j2
dest: /etc/systemd/system/apt-daily-upgrade.timer.d/override.conf
notify: Daemon Reload