aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/roles/pacman
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--roles/pacman/handlers/main.yml8
-rw-r--r--roles/pacman/tasks/main.yml48
2 files changed, 56 insertions, 0 deletions
diff --git a/roles/pacman/handlers/main.yml b/roles/pacman/handlers/main.yml
new file mode 100644
index 0000000..9dd7b9f
--- /dev/null
+++ b/roles/pacman/handlers/main.yml
@@ -0,0 +1,8 @@
+- name: Reboot
+ reboot:
+ when: 'ansible_env["SSH_CLIENT"].split()[0] not in ansible_all_ipv4_addresses'
+
+- name: Wait for connectivity
+ # One of the nodes is the VPN server connecting all the other nodes, wait
+ # until all of them are back up:
+ wait_for_connection:
diff --git a/roles/pacman/tasks/main.yml b/roles/pacman/tasks/main.yml
new file mode 100644
index 0000000..8e20aa5
--- /dev/null
+++ b/roles/pacman/tasks/main.yml
@@ -0,0 +1,48 @@
+- name: Check if pacman is installed
+ command: pacman --version
+ register: pacman_version
+ changed_when: no
+ ignore_errors: yes
+
+- when: pacman_version.rc == 0
+ become: yes
+ block:
+ - name: Upgrade packages
+ community.general.pacman:
+ update_cache: yes
+ upgrade: yes
+ notify:
+ - Reboot
+ - Wait for connectivity
+ rescue:
+ - fail:
+ msg: Upgrading packages failed for an unknown reason!
+ when: not etc_versioned
+
+ - name: There are uncommitted changes
+ shell: cd /etc && git status --porcelain=v1
+ register: git_status
+ changed_when: no
+
+ - fail:
+ msg: Upgrading packages failed for an unknown reason!
+ when: not git_status.stdout
+
+ - name: All changes are pacman.d/gnupg
+ shell: cd /etc && git status --porcelain=v1 | cut -c 4- | grep -G -v '^pacman.d/gnupg/'
+ register: only_gnupg
+ changed_when: no
+ ignore_errors: yes
+
+ - name: Commit pacman.d/gnupg
+ command: |
+ etckeeper commit 'pacman: GPG keys'
+ when: git_status.stdout and only_gnupg.rc != 0
+
+ - name: Upgrade packages after GPG keys
+ community.general.pacman:
+ update_cache: yes
+ upgrade: yes
+ notify:
+ - Reboot
+ - Wait for connectivity