From a53e09ce2f43f6659abdc003c0d0f193929e9a84 Mon Sep 17 00:00:00 2001 From: Adrien Date: Sat, 11 Jan 2020 10:27:05 +0100 Subject: [PATCH] Add auto update for RHEL linux family --- tasks/main.yml | 10 ++++ templates/etc/yum/yum-cron.conf.j2 | 81 ++++++++++++++++++++++++++++++ vars/RedHat.yml | 1 + 3 files changed, 92 insertions(+) create mode 100644 templates/etc/yum/yum-cron.conf.j2 diff --git a/tasks/main.yml b/tasks/main.yml index c4e0870..898c525 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -53,6 +53,16 @@ #0 #UTC +- name: "Configure auto update for RHEL linux family" + template: + src: etc/yum/yum-cron.conf.j2 + dest: /etc/yum/yum-cron.conf + owner: root + group: root + mode: 0644 + when: + - ansible_os_family == "RedHat" + - name: upgrade all packages package: name: "*" diff --git a/templates/etc/yum/yum-cron.conf.j2 b/templates/etc/yum/yum-cron.conf.j2 new file mode 100644 index 0000000..bd1ec68 --- /dev/null +++ b/templates/etc/yum/yum-cron.conf.j2 @@ -0,0 +1,81 @@ +[commands] +# What kind of update to use: +# default = yum upgrade +# security = yum --security upgrade +# security-severity:Critical = yum --sec-severity=Critical upgrade +# minimal = yum --bugfix update-minimal +# minimal-security = yum --security update-minimal +# minimal-security-severity:Critical = --sec-severity=Critical update-minimal +update_cmd = default + +# Whether a message should be emitted when updates are available, +# were downloaded, or applied. +update_messages = yes + +# Whether updates should be downloaded when they are available. +download_updates = yes + +# Whether updates should be applied when they are available. Note +# that download_updates must also be yes for the update to be applied. +apply_updates = yes + +# Maximum amout of time to randomly sleep, in minutes. The program +# will sleep for a random amount of time between 0 and random_sleep +# minutes before running. This is useful for e.g. staggering the +# times that multiple systems will access update servers. If +# random_sleep is 0 or negative, the program will run immediately. +# 6*60 = 360 +random_sleep = 360 + + +[emitters] +# Name to use for this system in messages that are emitted. If +# system_name is None, the hostname will be used. +system_name = None + +# How to send messages. Valid options are stdio and email. If +# emit_via includes stdio, messages will be sent to stdout; this is useful +# to have cron send the messages. If emit_via includes email, this +# program will send email itself according to the configured options. +# If emit_via is None or left blank, no messages will be sent. +emit_via = stdio + +# The width, in characters, that messages that are emitted should be +# formatted to. +output_width = 80 + + +[email] +# The address to send email messages from. +# NOTE: 'localhost' will be replaced with the value of system_name. +email_from = root@localhost + +# List of addresses to send messages to. +email_to = root + +# Name of the host to connect to to send email messages. +email_host = localhost + + +[groups] +# NOTE: This only works when group_command != objects, which is now the default +# List of groups to update +group_list = None + +# The types of group packages to install +group_package_types = mandatory, default + +[base] +# This section overrides yum.conf + +# Use this to filter Yum core messages +# -4: critical +# -3: critical+errors +# -2: critical+errors+warnings (default) +debuglevel = -2 + +# skip_broken = True +mdpolicy = group:main + +# Uncomment to auto-import new gpg keys (dangerous) +# assumeyes = True diff --git a/vars/RedHat.yml b/vars/RedHat.yml index e6115a0..ac6d8e8 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -13,3 +13,4 @@ base_packages: - patch - bash-completion - libselinux-python + - yum-cron