Merge branch 'new-infra' of gitea.auro.re:aurore/ansible into new-infra

This commit is contained in:
jeltz 2023-11-01 05:58:29 +01:00
commit 13f22bc7b8
Signed by: jeltz
GPG key ID: 800882B66C0C3326
4 changed files with 50 additions and 0 deletions

View file

@ -5,4 +5,5 @@
- vm_network
roles:
- base_utils
- unattended_upgrades
...

View file

@ -0,0 +1,16 @@
---
- name: Install unattended-upgrades
apt:
name: unattended-upgrades
- name: Configure unattended-upgrades
template:
src: "{{ item }}.j2"
dest: "/etc/apt/apt.conf.d/{{ item }}"
owner: root
group: root
mode: "u=rw,g=r,o=r"
loop:
- 20auto-upgrades
- 50unattended-upgrades
...

View file

@ -0,0 +1,4 @@
{{ ansible_managed | comment }}
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";

View file

@ -0,0 +1,29 @@
{{ ansible_managed | comment }}
Unattended-Upgrade::Origins-Pattern {
"origin=Debian,label=Debian-Security";
};
Unattended-Upgrade::Package-Blacklist {};
Unattended-Upgrade::Package-Whitelist {};
Unattended-Upgrade::Automatic-Reboot "false";
Unattended-Upgrade::AutoFixInterruptedDpkg "true";
Unattended-Upgrade::IgnoreAppsRequireRestart "false";
Unattended-Upgrade::InstallOnShutdown "false";
Unattended-Upgrade::MinimalSteps "true";
Unattended-Upgrade::Mail "{{ monitoring_mail }}";
Unattended-Upgrade::MailOnlyOnError "true";
Unattended-Upgrade::Keep-Debs-After-Install "false";
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Remove-Unused-Kernel-Packages "false";
Unattended-Upgrade::SyslogEnable "true";
Unattended-Upgrade::SyslogFacility "daemon";
Unattended-Upgrade::OnlyOnACPower "false";
# https://bugs.launchpad.net/ubuntu/+source/pygobject/+bug/1859080
Unattended-Upgrade::Skip-Updates-On-Metered-Connections "false";