40 lines
1 KiB
YAML
40 lines
1 KiB
YAML
---
|
|
# Configure unattended-upgrades for automatic OS updates
|
|
|
|
- name: Install unattended-upgrades package
|
|
apt:
|
|
name:
|
|
- unattended-upgrades
|
|
- apt-listchanges
|
|
state: present
|
|
|
|
- name: Get hostname
|
|
set_fact:
|
|
current_hostname: "{{ ansible_hostname }}"
|
|
|
|
- name: Set reboot time based on hostname
|
|
set_fact:
|
|
reboot_time: "{{ reboot_schedule[current_hostname] | default('03:00') }}"
|
|
|
|
- name: Configure unattended-upgrades
|
|
template:
|
|
src: 50unattended-upgrades.j2
|
|
dest: /etc/apt/apt.conf.d/50unattended-upgrades
|
|
mode: '0644'
|
|
notify: restart unattended-upgrades
|
|
|
|
- name: Enable automatic updates
|
|
copy:
|
|
dest: /etc/apt/apt.conf.d/20auto-upgrades
|
|
content: |
|
|
APT::Periodic::Update-Package-Lists "1";
|
|
APT::Periodic::Download-Upgradeable-Packages "1";
|
|
APT::Periodic::AutocleanInterval "7";
|
|
APT::Periodic::Unattended-Upgrade "1";
|
|
mode: '0644'
|
|
|
|
- name: Start and enable unattended-upgrades service
|
|
systemd:
|
|
name: unattended-upgrades
|
|
state: started
|
|
enabled: yes
|