diff --git a/tasks/main.yml b/tasks/main.yml
index e181b32..1d44ec8 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -86,10 +86,11 @@
       group: root
       mode: 0644
     when:
+      - base_autoupdate | bool
       - ansible_os_family == "RedHat"
       - ansible_distribution_major_version == '7'
 
-  - name: "Configure auto update for RHEL 8 linux family"
+  - name: "Configure auto update for RHEL 8/9 linux family"
     template:
       src: etc/dnf/automatic.conf.j2
       dest: /etc/dnf/automatic.conf
@@ -97,8 +98,9 @@
       group: root
       mode: 0644
     when:
+      - base_autoupdate | bool
       - ansible_os_family == "RedHat"
-      - ansible_distribution_major_version == '8'
+      - ansible_distribution_major_version >= '8'
 
   - name: enable a timer for dnf-automatic for RHEL 8 linux family
     systemd:
@@ -106,11 +108,12 @@
       state: started
       enabled: yes
     when:
+      - base_autoupdate | bool
       - ansible_os_family == "RedHat"
-      - ansible_distribution_major_version == '8'
+      - ansible_distribution_major_version >= '8'
 
 # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/managing_monitoring_and_updating_the_kernel/index#applying-patches-with-kernel-live-patching_managing-monitoring-and-updating-the-kernel
-  - name: Install kpatch packages on RedHat Enterprise Linux 8
+  - name: Install kpatch packages on RedHat Enterprise Linux 8/9
     package:
       name:
         - kpatch
@@ -120,10 +123,11 @@
       update_cache: yes
       state: present
     when:
+      - base_autoupdate | bool
       - ansible_distribution == "RedHat"
-      - ansible_distribution_major_version == '8'
+      - ansible_distribution_major_version >= '8'
 
-  - name: "Configure kernel auto update for RedHat Enterprise Linux 8"
+  - name: "Configure kernel auto update for RedHat Enterprise Linux 8/9"
     copy:
       src: etc/dnf/plugins/kpatch.conf
       dest: /etc/dnf/plugins/kpatch.conf
@@ -131,17 +135,19 @@
       group: root
       mode: 0644
     when:
+      - base_autoupdate | bool
       - ansible_distribution == "RedHat"
-      - ansible_distribution_major_version == '8'
+      - ansible_distribution_major_version >= '8'
 
-  - name: enable kernel auto update for RHEL 8 linux family
+  - name: enable kernel auto update for RHEL 8/9 linux family
     systemd:
       name: kpatch.service
       state: started
       enabled: yes
     when:
+      - base_autoupdate | bool
       - ansible_distribution == "RedHat"
-      - ansible_distribution_major_version == '8'
+      - ansible_distribution_major_version >= '8'
 
 #  - name: upgrade all packages
 #    package:
@@ -203,6 +209,6 @@
         - not hostsallow.stat.exists
     when:
       - ansible_os_family == "RedHat"
-#      - ansible_distribution_major_version < '8'
+      - ansible_distribution_major_version < '9'
   tags:
     - base
diff --git a/vars/RedHat_9.yml b/vars/RedHat_9.yml
new file mode 100644
index 0000000..5759f71
--- /dev/null
+++ b/vars/RedHat_9.yml
@@ -0,0 +1,33 @@
+---
+base_packages:
+  - "@core"
+  - NetworkManager-team
+  - NetworkManager-bluetooth
+  - NetworkManager-wifi
+  - NetworkManager-wwan
+#  - aide
+  - bash-completion
+  - chrony
+  - device-mapper-event
+  - dmidecode
+  - firewalld
+  - kexec-tools
+#  - libcap-ng-utils
+  - pigz # epel
+  - patch
+  - pciutils
+  - python3-libselinux
+  - rng-tools
+  - rsync
+  - screen
+  - usbutils
+  - wget
+  - xz
+  - dnf-automatic
+ # - tcp_wrappers
+
+base_packages_servers:
+  - "@^minimal-environment"
+  - NetworkManager-config-server
+  - NetworkManager-dispatcher-routing-rules
+  - iscsi-initiator-utils