From 7d08549f69749a4de35d45bb7a1e802215be6169 Mon Sep 17 00:00:00 2001 From: Zolfa Date: Sun, 13 Dec 2020 20:31:03 +0100 Subject: [PATCH] roles/lxc_guest: enable unattented upgrade --- roles/lxc_guest/handlers/main.yaml | 6 ++++++ roles/lxc_guest/tasks/02-configure.yaml | 28 +++++++++++++++++++++++++ 2 files changed, 34 insertions(+) diff --git a/roles/lxc_guest/handlers/main.yaml b/roles/lxc_guest/handlers/main.yaml index b99ee4f..bf1f8e9 100644 --- a/roles/lxc_guest/handlers/main.yaml +++ b/roles/lxc_guest/handlers/main.yaml @@ -4,4 +4,10 @@ name: '{{ vm_name }}' state: 'restarted' register: container_restart + +- name: 'systemd daemon-reload' + systemd: + daemon_reload: true + delegate_to: '{{ vm_name }}' + connection: 'ssh_lxc' ... diff --git a/roles/lxc_guest/tasks/02-configure.yaml b/roles/lxc_guest/tasks/02-configure.yaml index 57b0121..2906a68 100644 --- a/roles/lxc_guest/tasks/02-configure.yaml +++ b/roles/lxc_guest/tasks/02-configure.yaml @@ -42,6 +42,18 @@ connection: 'ssh_lxc' notify: 'restart container' +- name: 'configure | Debian | APT Unattended Upgrades' + apt: + pkg: + - 'unattended-upgrades' + - 'apt-listchanges' + state: 'present' + update_cache: true + cache_valid_time: 3600 + delegate_to: '{{ vm_name }}' + when: distro == 'debian' + connection: 'ssh_lxc' + - name: 'configure | Debian | APT Periodic' lineinfile: path: '/etc/apt/apt.conf.d/02periodic' @@ -51,10 +63,26 @@ loop: - { key: 'APT::Periodic::Enable', value: '1' } - { key: 'APT::Periodic::Update-Package-Lists', value: '1' } + - { key: 'APT::Periodic::Download-Upgradeable-Packages', value: '1' } + - { key: 'APT::Periodic::Unattended-Upgrade', value: '1' } + - { key: 'APT::Periodic::AutocleanInterval', value: '21' } - { key: 'APT::Periodic::Verbose', value: '2' } delegate_to: '{{ vm_name }}' when: distro == 'debian' connection: 'ssh_lxc' +- name: 'configure | Debian | APT Periodic | Upgrade immediately after download' + blockinfile: + path: '/lib/systemd/system/apt-daily.service' + insertafter: '^After=' + marker: '# {mark} LILiK-FIX [AnsibleManaged]: Install updates immediately after download' + block: | + Before=apt-daily-upgrade.service + Wants=apt-daily-upgrade.service + delegate_to: '{{ vm_name }}' + when: distro == 'debian' + connection: 'ssh_lxc' + notify: 'systemd daemon-reload' + - meta: 'flush_handlers' ...