diff --git a/tasks/main.yml b/tasks/main.yml
index 14ce16c..ad391dc 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,2 +1,68 @@
 ---
-# tasks file for ensure_os_upgrade
\ No newline at end of file
+# tasks file for ensure_os_upgrade
+- name: 'include variables'
+  when:
+    - ansible_system == 'Linux'
+  include_vars:
+    file: '{{ lookup("first_found", findme ) }}'
+    name: 'ensure_os_upgrade'
+  vars:
+    findme:
+      files:
+        - '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-{{ ansible_architecture }}.yml'
+        - '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-default.yml'
+        - '{{ ansible_distribution }}-default.yml'
+        - '{{ ansible_os_family }}-{{ ansible_distribution_major_version }}-{{ ansible_architecture }}.yml'
+        - '{{ ansible_os_family }}-{{ ansible_distribution_major_version }}-default.yml'
+        - '{{ ansible_os_family }}-default.yml'
+        - 'default.yml'
+      paths:
+        - '../vars/'
+      errors: 'ignore'
+- name: 'package discovery'
+  when:
+    - ansible_system == 'Linux'
+    - packages is not defined
+  ansible.builtin.package_facts:
+- name: 'service discovery'
+  when:
+    - ansible_system == 'Linux'
+    - services is not defined
+  ansible.builtin.service_facts:
+  - name: 'ensure packages'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_os_upgrade is defined
+    - ensure_os_upgrade.package_list is defined
+    - ensure_os_upgrade.package_list is iterable
+    - packages[item.name] is not defined
+  ansible.builtin.package:
+    name: '{{ item.name }}'
+    state: '{{ item.state }}'
+  loop: '{{ ensure_os_upgrade.package_list }}'
+  loop_control:
+    label: '{{ item.name }} will be {{ item.state }}'
+  notify:
+    - 'ensure_os_upgrade.package_facts'
+    - 'ensure_os_upgrade.service_facts'
+- name: 'ensure services'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_os_upgrade is defined
+    - ensure_os_upgrade.service_list is defined
+    - ensure_os_upgrade.service_list is iterable
+  ansible.builtin.service:
+    enabled: '{{ item.enabled }}'
+    name: '{{ item.name }}'
+    state: '{{ item.state }}'
+  loop: '{{ ensure_os_upgrade.service_list }}'
+  loop_control:
+    label: '{{ item.name }} will be {{ item.state }}'
+  notify:
+    - 'ensure_os_upgrade.package_facts'
+    - 'ensure_os_upgrade.service_facts'
+
+
+
+- name: 'flush handlers'
+  meta: 'flush_handlers'
\ No newline at end of file