David Kilias
2efd892bc1
- fix typo in role name - make origin patterns for unattended upgrades less release specific
38 lines
900 B
YAML
38 lines
900 B
YAML
---
|
|
# tasks for all hosts
|
|
|
|
- hosts: all
|
|
become: true
|
|
|
|
vars:
|
|
ansible_python_interpreter: /usr/bin/python3
|
|
|
|
roles:
|
|
- role: ansible.timezone
|
|
|
|
tasks:
|
|
- name: Update and clean package cache
|
|
apt:
|
|
update_cache: true
|
|
cache_valid_time: 3600
|
|
autoclean: true
|
|
changed_when: false
|
|
|
|
- name: Ensure unattended-upgrades is installed and up to date
|
|
apt:
|
|
name: unattended-upgrades
|
|
state: present
|
|
|
|
- name: Setup unattended-upgrades
|
|
include_role:
|
|
name: hifis.unattended_upgrades
|
|
vars:
|
|
unattended_origins_patterns:
|
|
- "origin=Debian,archive={{ ansible_distribution_release }}-security"
|
|
- "o=Debian,a={{ ansible_distribution_release }}-updates"
|
|
unattended_package_blacklist: [cowsay]
|
|
unattended_mail: "root"
|
|
|
|
- name: Setup users
|
|
include_role:
|
|
name: users
|