63 lines
1.4 KiB
YAML
63 lines
1.4 KiB
YAML
---
|
|
- name: update and cleanup
|
|
apt:
|
|
update_cache: yes
|
|
cache_valid_time: 600
|
|
upgrade: dist
|
|
autoclean: true
|
|
autoremove: true
|
|
tags:
|
|
- update
|
|
|
|
- name: install unattended upgrades
|
|
apt:
|
|
name: unattended-upgrades
|
|
purge: yes
|
|
state: "{% if update.unattended %}present{% else %}absent{% endif %}"
|
|
|
|
- name: configure unattended upgrades
|
|
when: update.unattended
|
|
ansible.builtin.copy:
|
|
src: "50unattended-upgrades"
|
|
dest: "/etc/apt/apt.conf.d/50unattended-upgrades"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
|
|
- name: overwrite apt-daily.timer
|
|
when: update.unattended
|
|
ansible.builtin.template:
|
|
src: "apt-daily.timer.j2"
|
|
dest: "/etc/systemd/system/apt-daily.timer"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify:
|
|
- restart apt-daily.timer
|
|
|
|
- name: overwrite apt-daily-upgrade.timer
|
|
when: update.unattended
|
|
ansible.builtin.template:
|
|
src: "apt-daily-upgrade.timer.j2"
|
|
dest: "/etc/systemd/system/apt-daily-upgrade.timer"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify:
|
|
- restart apt-daily-upgrade.timer
|
|
|
|
- name: enable auto upgrades
|
|
when: update.unattended
|
|
ansible.builtin.copy:
|
|
src: "/usr/share/unattended-upgrades/20auto-upgrades"
|
|
dest: "/etc/apt/apt.conf.d/20auto-upgrades"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
remote_src: yes
|
|
|
|
- name: clean
|
|
command: apt-get clean
|
|
changed_when: False
|
|
tags:
|
|
- update
|