From de422a9f0a095d146f3b5c36e8bf453073bb96fe Mon Sep 17 00:00:00 2001 From: Simon Cornet Date: Mon, 25 Aug 2025 17:12:47 +0200 Subject: [PATCH] feat(update): add update task to common role --- tasks/apt/update.yaml | 63 +++++++++++++++++++++++++++++++++++++++++++ tasks/main.yaml | 5 ++++ 2 files changed, 68 insertions(+) create mode 100644 tasks/apt/update.yaml diff --git a/tasks/apt/update.yaml b/tasks/apt/update.yaml new file mode 100644 index 0000000..6fe4f4f --- /dev/null +++ b/tasks/apt/update.yaml @@ -0,0 +1,63 @@ +--- + +# apt update +- name: "apt update" + tags: "apt-update" + when: 'ansible_os_family == "Debian"' + block: + + # run apt update + - name: "apt update" + ansible.builtin.apt: + upgrade: "yes" + cache_valid_time: 60 + failed_when: false + + # cleanup apt + - name: "apt cleanup" + ansible.builtin.apt: + autoclean: true + autoremove: true + clean: true + changed_when: false + failed_when: false + + # cleanup journal + - name: "cleanup journal" + ansible.builtin.command: + cmd: "journalctl --flush --rotate --vacuum-time=1s" + changed_when: false + failed_when: false + + # run fstrim on vms + - name: "run fstrim on vm" + ansible.builtin.command: + cmd: "fstrim /" + changed_when: false + failed_when: false + when: 'type == "vm"' + + # check for reboots + - name: "check if reboot required" + ansible.builtin.stat: + path: "/var/run/reboot-required" + changed_when: false + failed_when: false + register: "reboot_required" + + # execute reboot + - name: "execute reboot" + when: "reboot_required.stat.exists" + block: + + # reboot + - name: "reboot now" + ansible.builtin.reboot: + when: 'inventory_hostname != "ansible.siempie.internal"' + + # schedule reboot + - name: "schedule reboot" + ansible.builtin.command: + cmd: 'shutdown -r +1 "Ansible: Reboot after updates"' + changed_when: false + when: 'inventory_hostname == "ansible.siempie.internal"' diff --git a/tasks/main.yaml b/tasks/main.yaml index 661e55b..2ba3010 100644 --- a/tasks/main.yaml +++ b/tasks/main.yaml @@ -48,6 +48,11 @@ - name: "flush handlers" ansible.builtin.meta: "flush_handlers" +- name: "apt - update" + ansible.builtin.import_tasks: "apt/update.yaml" + when: "ansible_os_family == 'Debian'" + tags: "apt-update" + - name: "apt - packages" ansible.builtin.import_tasks: "apt/packages.yaml" when: "ansible_os_family == 'Debian'"