diff options
Diffstat (limited to '')
| -rw-r--r-- | roles/apt/tasks/main.yml | 3 | ||||
| -rw-r--r-- | roles/apt/tasks/unattended_upgrades.yml | 33 |
2 files changed, 36 insertions, 0 deletions
diff --git a/roles/apt/tasks/main.yml b/roles/apt/tasks/main.yml index 1d07a7f..6511c44 100644 --- a/roles/apt/tasks/main.yml +++ b/roles/apt/tasks/main.yml @@ -25,3 +25,6 @@ install_recommends: false name: '{{ apt_extra_packages }}' state: present + +- name: Configure unattended-upgrades + ansible.builtin.include_tasks: unattended_upgrades.yml diff --git a/roles/apt/tasks/unattended_upgrades.yml b/roles/apt/tasks/unattended_upgrades.yml new file mode 100644 index 0000000..79327d5 --- /dev/null +++ b/roles/apt/tasks/unattended_upgrades.yml @@ -0,0 +1,33 @@ +- name: Install unattended-upgrades + become: + ansible.builtin.apt: + install_recommends: false + name: unattended-upgrades + state: present + +- name: 50unattended-upgrades + become: true + ansible.builtin.template: + src: 50unattended-upgrades.j2 + dest: /etc/apt/apt.conf.d/50unattended-upgrades + owner: root + group: root + mode: '644' + +# https://wiki.debian.org/UnattendedUpgrades says that 20auto-upgrades and +# 02periodic are _alternatives_ (and, presumably, not mechanisms that can be +# used together). +- name: 20auto-upgrades + become: true + ansible.builtin.file: + path: /etc/apt/apt.conf.d/20auto-upgrades + state: absent + +- name: 02periodic + become: true + ansible.builtin.template: + src: 02periodic.j2 + dest: /etc/apt/apt.conf.d/02periodic + owner: root + group: root + mode: '644' |