unattended_upgrades: migration

This commit is contained in:
v-lafeychine 2023-10-03 14:09:48 +02:00
parent 35cdf782c8
commit 45d380c641
Signed by: v-lafeychine
GPG key ID: F46CAAD27C7AB0D5
4 changed files with 50 additions and 0 deletions

View file

@ -5,4 +5,5 @@
- vm_network
roles:
- base_utils
- unattended_upgrades
...

View file

@ -0,0 +1,16 @@
---
- name: Install unattended-upgrades
apt:
name: unattended-upgrades
- name: Configure unattended-upgrades
template:
src: "{{ item }}.j2"
dest: "/etc/apt/apt.conf.d/{{ item }}"
owner: root
group: root
mode: "u=rw,g=r,o=r"
loop:
- 20auto-upgrades
- 50unattended-upgrades
...

View file

@ -0,0 +1,4 @@
{{ ansible_managed | comment }}
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";

View file

@ -0,0 +1,29 @@
{{ ansible_managed | comment }}
Unattended-Upgrade::Origins-Pattern {
"origin=Debian,codename=${distro_codename},label=Debian-Security";
};
Unattended-Upgrade::Package-Blacklist {};
Unattended-Upgrade::Package-Whitelist {};
Unattended-Upgrade::Automatic-Reboot "false";
Unattended-Upgrade::AutoFixInterruptedDpkg "true";
Unattended-Upgrade::IgnoreAppsRequireRestart "false";
Unattended-Upgrade::InstallOnShutdown "false";
Unattended-Upgrade::MinimalSteps "true";
Unattended-Upgrade::Mail "{{ monitoring_mail }}";
Unattended-Upgrade::MailOnlyOnError "true";
Unattended-Upgrade::Keep-Debs-After-Install "false";
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Remove-Unused-Kernel-Packages "false";
Unattended-Upgrade::SyslogEnable "true";
Unattended-Upgrade::SyslogFacility "daemon";
Unattended-Upgrade::OnlyOnACPower "false";
# https://bugs.launchpad.net/ubuntu/+source/pygobject/+bug/1859080
Unattended-Upgrade::Skip-Updates-On-Metered-Connections "false";