update..
This commit is contained in:
@ -24,6 +24,11 @@
|
||||
tags:
|
||||
- symlink-sh
|
||||
|
||||
|
||||
# ----------
|
||||
# systemd stuff
|
||||
# ----------
|
||||
|
||||
- name: (basic.yml) Ensure directory '/etc/systemd/system.conf.d' exists
|
||||
file:
|
||||
path: /etc/systemd/system.conf.d
|
||||
@ -55,6 +60,11 @@
|
||||
tags:
|
||||
- systemd-config
|
||||
|
||||
|
||||
# ----------
|
||||
# kernel parameter
|
||||
# ----------
|
||||
|
||||
- name: (basic.yml) Ensure directory '/etc/sysctl.d' exists
|
||||
file:
|
||||
path: etc/sysctl.d
|
||||
@ -86,3 +96,55 @@
|
||||
tags:
|
||||
- systctl-config
|
||||
|
||||
|
||||
# ----------
|
||||
# unattended upgrades
|
||||
# ----------
|
||||
|
||||
- name: (basic.yml) install unattended-upgrades
|
||||
apt: pkg=unattended-upgrades state=present
|
||||
tags:
|
||||
- unattended-upgrades
|
||||
|
||||
- name: (basic.yml) install apt-listchanges
|
||||
apt: pkg=apt-listchanges state=present
|
||||
tags:
|
||||
- unattended-upgrades
|
||||
|
||||
- name: (basic.yml) remove apticron
|
||||
apt: pkg=apticron state=absent
|
||||
tags:
|
||||
- unattended-upgrades
|
||||
|
||||
- name: (basic.yml) check if /etc/apt/apt.conf.d/20auto-upgrades exists
|
||||
stat: path=/etc/apt/apt.conf.d/20auto-upgrades
|
||||
register: ua_enabled
|
||||
tags:
|
||||
- unattended-upgrades
|
||||
|
||||
- name: (basic.yml) activate unattended upgrades
|
||||
shell: dpkg-reconfigure -plow unattended-upgrades
|
||||
when: ua_enabled.stat.exists == False
|
||||
tags:
|
||||
- unattended-upgrades
|
||||
|
||||
- name: (basic.yml) copy apt-listchanges.conf
|
||||
template:
|
||||
src: etc/apt/listchanges.conf.j2
|
||||
dest: /etc/apt/listchanges.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
tags:
|
||||
- unattended-upgrades
|
||||
|
||||
- name: (basic.yml) copy unattended-upgrades conf
|
||||
template:
|
||||
src: etc/apt/apt.conf.d/50unattended-upgrades.j2
|
||||
dest: /etc/apt/apt.conf.d/50unattended-upgrades
|
||||
backup: yes
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
tags:
|
||||
- unattended-upgrades
|
||||
|
||||
47
roles/common/tasks/cron.yml
Normal file
47
roles/common/tasks/cron.yml
Normal file
@ -0,0 +1,47 @@
|
||||
---
|
||||
|
||||
- name: (cron.yml) Set env entries in user crontabs
|
||||
cron:
|
||||
name: '{{ item.name }}'
|
||||
env: 'yes'
|
||||
user: '{{ item.user | default(omit) }}'
|
||||
job: '{{ item.job }}'
|
||||
insertafter: '{{ item.insertafter | default(omit) }}'
|
||||
loop: "{{ cron_env_entries }}"
|
||||
loop_control:
|
||||
label: '{{ item.name }}'
|
||||
when: item.job is defined
|
||||
tags:
|
||||
- user_crontab
|
||||
|
||||
|
||||
- name: (cron.yml) Set special time entries in user crontabs
|
||||
cron:
|
||||
name: '{{ item.name }}'
|
||||
special_time: '{{ item.special_time }}'
|
||||
user: '{{ item.user | default(omit) }}'
|
||||
job: '{{ item.job }}'
|
||||
state: present
|
||||
loop: "{{ cron_user_special_time_entries }}"
|
||||
loop_control:
|
||||
label: '{{ item.name }}'
|
||||
when: item.job is defined
|
||||
tags:
|
||||
- user_crontab
|
||||
|
||||
|
||||
- name: (cron.yml) Set normal entries in user crontabs
|
||||
cron:
|
||||
name: '{{ item.name }}'
|
||||
minute: '{{ item.minute | default(omit) }}'
|
||||
hour: '{{ item.hour | default(omit) }}'
|
||||
day: '{{ day | default(omit) }}'
|
||||
weekday: '{{ item.weekday | default(omit) }}'
|
||||
month: '{{ item.month | default(omit) }}'
|
||||
job: '{{ item.job }}'
|
||||
loop: "{{ cron_user_entries }}"
|
||||
loop_control:
|
||||
label: '{{ item.name }}'
|
||||
when: item.job is defined
|
||||
tags:
|
||||
- user_crontab
|
||||
@ -28,6 +28,9 @@
|
||||
- import_tasks: apt.yml
|
||||
tags: apt
|
||||
|
||||
- import_tasks: cron.yml
|
||||
tags:
|
||||
- cron
|
||||
|
||||
# tags supported inside shell.yml
|
||||
#
|
||||
|
||||
@ -0,0 +1,17 @@
|
||||
# {{ ansible_managed }}
|
||||
|
||||
Unattended-Upgrade::Origins-Pattern {
|
||||
"origin=Debian,codename=${distro_codename},label=Debian";
|
||||
"origin=Debian,codename=${distro_codename},label=Debian-Security";
|
||||
"origin=Debian,codename=${distro_codename}-security,label=Debian-Security";
|
||||
"origin=Debian,codename=${distro_codename}-updates";
|
||||
"origin=Debian,codename=${distro_codename}-backports";
|
||||
};
|
||||
|
||||
Unattended-Upgrade::Mail "root";
|
||||
|
||||
Unattended-Upgrade::MinimalSteps "true";
|
||||
|
||||
Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";
|
||||
Unattended-Upgrade::Remove-Unused-Dependencies "true";
|
||||
Unattended-Upgrade::Remove-New-Unused-Dependencies "true";
|
||||
8
roles/common/templates/etc/apt/listchanges.conf.j2
Normal file
8
roles/common/templates/etc/apt/listchanges.conf.j2
Normal file
@ -0,0 +1,8 @@
|
||||
# {{ ansible_managed }}
|
||||
|
||||
[apt]
|
||||
frontend=mail
|
||||
email_address=root
|
||||
confirm=0
|
||||
save_seen=/var/lib/apt/listchanges.db
|
||||
which=both
|
||||
Reference in New Issue
Block a user