diff options
Diffstat (limited to 'ansible/roles/unattended-upgrades/tasks/main.yml')
-rw-r--r-- | ansible/roles/unattended-upgrades/tasks/main.yml | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/ansible/roles/unattended-upgrades/tasks/main.yml b/ansible/roles/unattended-upgrades/tasks/main.yml new file mode 100644 index 0000000..0bc02a1 --- /dev/null +++ b/ansible/roles/unattended-upgrades/tasks/main.yml @@ -0,0 +1,39 @@ +--- +- name: Packages for unattended upgrades + become: true + apt: + name: "{{ item }}" + install_recommends: no + with_items: + - unattended-upgrades + - apt-listchanges + +- name: Configure /etc/apt/apt.conf.d/50unattended-upgrades + become: true + copy: + dest: /etc/apt/apt.conf.d/50unattended-upgrades + content: | + Unattended-Upgrade::Origins-Pattern { + "origin=Debian,codename=${distro_codename},label=Debian"; + "origin=Debian,codename=${distro_codename}-updates,label=Debian"; + "origin=Debian,codename=${distro_codename},label=Debian-Security"; + "origin=apt.postgresql.org,codename=${distro_codename}-pgdg,label=PostgreSQL for Debian/Ubuntu repository"; + } + Unattended-Upgrade::MinimalSteps "False"; + Unattended-Upgrade::Mail "{{ unattended_upgrades.mail }}"; + Unattended-Upgrade::MailOnlyOnError "false"; + +- name: Configure /etc/apt/apt.conf.d/20auto-upgrades + become: true + copy: + dest: /etc/apt/apt.conf.d/20auto-upgrades + content: | + APT::Periodic::Update-Package-Lists "1"; + APT::Periodic::Unattended-Upgrade "1"; + +- name: Configure /etc/apt/listchanges.conf + become: true + lineinfile: + dest: /etc/apt/listchanges.conf + line: "email_address={{ unattended_upgrades.mail }}" + regexp: "^email_address=" |