56 lines
1.6 KiB
YAML
56 lines
1.6 KiB
YAML
---
|
|
# file: roles/base/tasks/debian_automatic_updates.yml
|
|
|
|
- name: Install unattended upgrade packages
|
|
package:
|
|
name:
|
|
- unattended-upgrades
|
|
- update-notifier-common
|
|
state: latest
|
|
|
|
- name: Activate auto upgrades
|
|
template:
|
|
src: 20auto-upgrades.j2
|
|
dest: /etc/apt/apt.conf.d/20auto-upgrades
|
|
|
|
- name: Enable updates for all repos
|
|
lineinfile:
|
|
path: /etc/apt/apt.conf.d/50unattended-upgrades
|
|
regexp: '"\${distro_id}:\${distro_codename}-updates";'
|
|
line: ' "*:*";'
|
|
|
|
- name: Enable auto-reboot
|
|
lineinfile:
|
|
path: /etc/apt/apt.conf.d/50unattended-upgrades
|
|
regexp: '^\/?\/?Unattended-Upgrade::Automatic-Reboot '
|
|
line: 'Unattended-Upgrade::Automatic-Reboot "true";'
|
|
|
|
- name: Configure auto-reboot time
|
|
lineinfile:
|
|
path: /etc/apt/apt.conf.d/50unattended-upgrades
|
|
regexp: '^\/?\/?Unattended-Upgrade::Automatic-Reboot-Time '
|
|
line: "Unattended-Upgrade::Automatic-Reboot-Time \"{{ base_debian_automatic_updates_reboot }}\";"
|
|
|
|
- name: Ensure directory exists for daily download timer
|
|
file:
|
|
path: /etc/systemd/system/apt-daily.timer.d
|
|
recurse: yes
|
|
state: directory
|
|
|
|
- name: Configure daily download timer
|
|
template:
|
|
src: apt-daily.timer.d_override.conf.j2
|
|
dest: /etc/systemd/system/apt-daily.timer.d/override.conf
|
|
notify: Daemon Reload
|
|
|
|
- name: Ensure directory exists for daily upgrade timer
|
|
file:
|
|
path: /etc/systemd/system/apt-daily-upgrade.timer.d
|
|
recurse: yes
|
|
state: directory
|
|
|
|
- name: Configure daily upgrade timer
|
|
template:
|
|
src: apt-daily-upgrade.timer.d_override.conf.j2
|
|
dest: /etc/systemd/system/apt-daily-upgrade.timer.d/override.conf
|
|
notify: Daemon Reload
|