Cleanup apt_common
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing

This commit is contained in:
jeltz 2022-02-26 19:20:30 +01:00
parent 2411cb32b0
commit f596071f49
Signed by: jeltz
GPG key ID: 800882B66C0C3326
5 changed files with 13 additions and 14 deletions

View file

@ -1,11 +1,11 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
--- ---
# Put a common configuration on all servers
- hosts: all,!unifi - hosts: all,!unifi
vars: vars:
locales_default: en_US.UTF-8 locales_default: en_US.UTF-8
locales_additional: locales_additional:
- fr_FR.UTF-8 - fr_FR.UTF-8
apt_upgrade_email_address: monitoring.aurore@lists.crans.org
roles: roles:
- debian_common - debian_common
- apt_common - apt_common
@ -13,3 +13,4 @@
- basesecurity - basesecurity
- logrotate - logrotate
- update_motd - update_motd
...

View file

@ -12,4 +12,8 @@
loop: loop:
- 20auto-upgrades - 20auto-upgrades
- 50unattended-upgrades - 50unattended-upgrades
- name: Install debsums
apt:
name: debsums
... ...

View file

@ -1,4 +1,4 @@
// {{ ansible_managed }} {{ ansible_managed | comment("c") }}
APT::Periodic::Update-Package-Lists "1"; APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1"; APT::Periodic::Unattended-Upgrade "1";

View file

@ -1,4 +1,4 @@
// {{ ansible_managed }} {{ ansible_managed | comment("c") }}
Unattended-Upgrade::Origins-Pattern { Unattended-Upgrade::Origins-Pattern {
"origin=Debian,codename=${distro_codename},label=Debian-Security"; "origin=Debian,codename=${distro_codename},label=Debian-Security";
@ -9,8 +9,10 @@ Unattended-Upgrade::Package-Blacklist {};
Unattended-Upgrade::MinimalSteps "true"; Unattended-Upgrade::MinimalSteps "true";
Unattended-Upgrade::InstallOnShutdown "false"; Unattended-Upgrade::InstallOnShutdown "false";
Unattended-Upgrade::Mail "{{ monitoring_mail }}"; {% if apt_upgrade_email_address | default(False) %}
// Unattended-Upgrade::MailOnlyOnError "false"; Unattended-Upgrade::Mail "{{ apt_upgrade_email_address }}";
Unattended-Upgrade::MailOnlyOnError "false";
{% endif %}
Unattended-Upgrade::Remove-Unused-Kernel-Packages "false"; Unattended-Upgrade::Remove-Unused-Kernel-Packages "false";
Unattended-Upgrade::Remove-New-Unused-Dependencies "false"; Unattended-Upgrade::Remove-New-Unused-Dependencies "false";

View file

@ -23,12 +23,4 @@
- /bin/mount # Only root should mount - /bin/mount # Only root should mount
- /bin/umount # Only root should umount - /bin/umount # Only root should umount
ignore_errors: true # Sometimes file won't exist ignore_errors: true # Sometimes file won't exist
...
# See altered packages and configurations with `debsums -ca`
- name: Install debsums
apt:
name: debsums
state: present
register: apt_result
retries: 3
until: apt_result is succeeded