39 lines
851 B
YAML
39 lines
851 B
YAML
|
---
|
||
|
|
# tasks for all hosts
|
||
|
|
|
||
|
|
- hosts: all
|
||
|
|
become: true
|
||
|
|
|
||
|
|
vars:
|
||
|
|
ansible_python_interpreter: /usr/bin/python3
|
||
|
|
|
||
|
|
roles:
|
||
|
|
- role: ansible.timezone
|
||
|
|
|
||
|
|
tasks:
|
||
|
|
- name: Update and clean package cache
|
||
|
|
apt:
|
||
|
|
update_cache: true
|
||
|
|
cache_valid_time: 3600
|
||
|
|
autoclean: true
|
||
|
|
changed_when: false
|
||
|
|
|
||
|
|
- name: Ensure unattended-upgrades is installed and up to date
|
||
|
|
apt:
|
||
|
|
name: unattended-upgrades
|
||
|
|
state: present
|
||
|
|
|
||
|
|
- name: Setup unattended-upgrades
|
||
|
|
include_role:
|
||
|
|
name: ansible-role-unattended-upgrades
|
||
|
|
vars:
|
||
|
|
unattended_origins_patterns:
|
||
|
|
- "origin=Debian,archive=buster-security"
|
||
|
|
- "o=Debian,a=buster-updates"
|
||
|
|
unattended_package_blacklist: [cowsay]
|
||
|
|
unattended_mail: "root"
|
||
|
|
|
||
|
|
- name: Setup users
|
||
|
|
include_role:
|
||
|
|
name: users
|