72 lines
1.9 KiB
YAML
72 lines
1.9 KiB
YAML
---
|
|
# tasks file for ensure_os_patch
|
|
- name: 'package discovery'
|
|
when:
|
|
- ansible_system == 'Linux'
|
|
- packages is not defined
|
|
ansible.builtin.package_facts:
|
|
- name: 'service discovery'
|
|
when:
|
|
- ansible_system == 'Linux'
|
|
- services is not defined
|
|
ansible.builtin.service_facts:
|
|
- name: 'ensure patch'
|
|
when:
|
|
- ansible_system == 'Linux'
|
|
- ansible_pkg_mgr == 'dnf' or
|
|
ansible_pkg_mgr == 'yum'
|
|
ansible.builtin.package:
|
|
name: '*'
|
|
state: 'latest'
|
|
notify:
|
|
- 'ensure_os_patch.package_facts'
|
|
- 'ensure_os_patch.service_facts'
|
|
- name: 'ensure patch'
|
|
when:
|
|
- ansible_system == 'Linux'
|
|
- ansible_pkg_mgr == 'apt'
|
|
ansible.builtin.apt:
|
|
autoclean: 'yes'
|
|
autoremove: 'yes'
|
|
upgrade: 'dist'
|
|
notify:
|
|
- 'ensure_os_patch.package_facts'
|
|
- 'ensure_os_patch.service_facts'
|
|
- name: 'Ensure dnf-automatic installation'
|
|
when:
|
|
- ansible_system == 'Linux'
|
|
- (
|
|
ansible_distribution == 'Fedora' and
|
|
ansible_distribution_major_version is version('21', '>=')
|
|
) or (
|
|
ansible_distirbution == 'CentOS' and
|
|
ansible_distribution_major_version is version('8', '>=')
|
|
)
|
|
ansible.builtin.package:
|
|
name:
|
|
- 'dnf-automatic'
|
|
state: 'present'
|
|
notify:
|
|
- 'ensure_os_patch.package_facts'
|
|
- 'ensure_os_patch.service_facts'
|
|
- name: 'Ensure dnf-automatic runs'
|
|
when:
|
|
- ansible_system == 'Linux'
|
|
- (
|
|
ansible_distribution == 'Fedora' and
|
|
ansible_distribution_major_version is version('21', '>=')
|
|
) or (
|
|
ansible_distirbution == 'CentOS' and
|
|
ansible_distribution_major_version is version('8', '>=')
|
|
)
|
|
ansible.builtin.service:
|
|
enabled: 'yes'
|
|
name: 'dnf-automatic-install.timer'
|
|
state: 'started'
|
|
notify:
|
|
- 'ensure_os_patch.package_facts'
|
|
- 'ensure_os_patch.service_facts'
|
|
- name: 'flush handlers'
|
|
meta: 'flush_handlers'
|
|
|