Commit | Line | Data |
---|---|---|
7a1ce7d7 KS |
1 | --- |
2 | # @TODO: Remove pins | |
3 | # @TODO: Should 3rd party sources be removed? | |
4 | # @TODO: Ensure kernel package is installed | |
5 | # @TODO: Should a 2nd sshd be started on a non-standard port in case of failure? | |
6 | - name: dpkg audit | |
7 | command: | |
8 | cmd: 'dpkg --audit' | |
9 | - name: show holds | |
10 | command: | |
11 | cmd: 'apt-mark showhold' | |
12 | - name: remove all holds | |
13 | command: | |
14 | cmd: "apt-mark unhold '*'" | |
15 | - name: Replace release in apt sources.list | |
16 | replace: | |
17 | regexp: "{{ansible_distribution_release}}" | |
18 | replace: "{{next_release}}" | |
19 | path: /etc/apt/sources.list | |
20 | - name: Replace release in apt sources.list.d | |
21 | shell: | |
22 | cmd: "sed -i 's/{{ansible_distribution_release}}/{{next_release}}/' /etc/apt/sources.list.d/*" | |
23 | warn: false | |
24 | ignore_errors: true | |
25 | - apt: | |
26 | update_cache: true | |
27 | # @TODO: Check required disk space and available disk space | |
28 | - name: Download packages | |
29 | command: | |
7033367a | 30 | cmd: 'apt-get -y -d upgrade {{apt_common_options}}' |
7a1ce7d7 KS |
31 | warn: false |
32 | environment: "{{apt_noninteractive_environment}}" | |
33 | - name: Minimal upgrade run | |
34 | command: | |
7033367a | 35 | cmd: 'apt upgrade -y --without-new-pkgs {{apt_common_options}}' |
7a1ce7d7 KS |
36 | warn: false |
37 | environment: "{{apt_noninteractive_environment}}" | |
38 | - name: Full upgrade run | |
39 | command: | |
7033367a | 40 | cmd: 'apt full-upgrade -y {{apt_common_options}}' |
7a1ce7d7 KS |
41 | warn: false |
42 | environment: "{{apt_noninteractive_environment}}" | |
43 | # @TODO: reconfigure grub if installed | |
44 | # `dpkg-reconfigure grub-pc` on many systems, but not all | |
45 | # @TODO: Our instances often have an OS version identifier, | |
46 | # it would be handy to do a replace in /etc/hostname | |
47 | # before rebooting | |
48 | - name: Reboot | |
49 | command: /usr/sbin/reboot | |
50 | async: 0 | |
51 | poll: 0 | |
52 | ignore_errors: true | |
53 | register: last_result | |
54 | - name: wait for the server to reboot | |
55 | local_action: wait_for host={{ inventory_hostname }} | |
56 | port=22 | |
57 | delay=1 | |
58 | timeout=300 | |
59 | state=started | |
60 | when: last_result.changed | |
61 | become: false | |
62 | - name: Purge configuration of removed packages | |
63 | command: | |
64 | cmd: "apt -y purge '~c'" | |
65 | warn: false | |
66 | environment: "{{apt_noninteractive_environment}}" | |
67 | - name: Purge obsolete packages | |
68 | command: | |
69 | cmd: "apt -y purge '~o'" | |
70 | warn: false | |
71 | environment: "{{apt_noninteractive_environment}}" |