mg
/
homeserver
1
0
Fork 0
Code Issues 1 Pull Requests Activity

Rolle aktualisiert: unattended upgrades (#461) 

Co-authored-by: Michael Grote <michael.grote@posteo.de>
Reviewed-on: #461
This commit is contained in:
Michael Grote 2023-02-17 12:17:12 +01:00
parent c86eb523bb
commit b5c16eaacd
46 changed files with 1916 additions and 388 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
playbooks/base/unattended_upgrades.yml
View File

@ -1,7 +1,7 @@
---
- hosts: all:!proxmox
roles:
- { role: jnv.unattended_upgrades,
- { role: hifis-net.unattended_upgrades,
become: true,
tags: unattended,
when: "ansible_facts['distribution'] == 'Ubuntu'"}

11
playbooks/on-off/delete_old_upgrades_config.yml Normal file
View File

@ -0,0 +1,11 @@
---
- hosts: all
tasks:
- name: delete_old_upgrades_config
become: yes
ansible.builtin.file:
name: "{{ item }}"
state: absent
loop:
- /etc/apt/apt.conf.d/20auto-upgrades
- /etc/apt/apt.conf.d/50unattended-upgrades

0
roles/jnv.unattended_upgrades/.editorconfig → roles/hifis-net.unattended_upgrades/.editorconfig
View File

6
roles/hifis-net.unattended_upgrades/.github/CODEOWNERS vendored Normal file
View File

@ -0,0 +1,6 @@
# SPDX-FileCopyrightText: 2022 Helmholtz Centre for Environmental Research (UFZ)
# SPDX-FileCopyrightText: 2022 Helmholtz-Zentrum Dresden-Rossendorf (HZDR)
#
# SPDX-License-Identifier: Apache-2.0
* @hifis-net/hifis-software-technology

19
roles/hifis-net.unattended_upgrades/.github/dependabot.yml vendored Normal file
View File

@ -0,0 +1,19 @@
---
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
# Check for updates to GitHub Actions every weekday
interval: "daily"
- package-ecosystem: "pip"
directory: "/"
schedule:
# Check for updates to pip packages every weekday
interval: "daily"
ignore:
- dependency-name: "python"
update-types: ["version-update:semver-major"]
...

74
roles/hifis-net.unattended_upgrades/.github/workflows/ci.yml vendored Normal file
View File

@ -0,0 +1,74 @@
---
name: "CI"
on:
pull_request:
push:
branches:
- "main"
tags:
- "v*.*.*"
schedule:
- cron: '0 0 * * *'
env:
PY_COLORS: 1
ANSIBLE_FORCE_COLOR: 1
jobs:
lint:
name: "Lint"
runs-on: "ubuntu-22.04"
steps:
- name: "Check out the codebase."
uses: "actions/checkout@v3"
- name: "Prepare the job environment."
uses: "./.github/workflows/prepare-action"
- name: "Lint code."
run: "pipenv run molecule lint"
test:
name: "Run Molecule tests."
runs-on: "ubuntu-22.04"
strategy:
fail-fast: false
matrix:
image:
- "ghcr.io/hifis-net/ubuntu-systemd:22.04"
- "ghcr.io/hifis-net/ubuntu-systemd:20.04"
- "ghcr.io/hifis-net/ubuntu-systemd:18.04"
- "ghcr.io/hifis-net/debian-systemd:11"
- "ghcr.io/hifis-net/debian-systemd:10"
steps:
- name: "Check out the codebase."
uses: "actions/checkout@v3"
- name: "Enable lingering required for podman and systemd in GH Actions."
run: | # Compare with https://github.com/eriksjolund/user-systemd-service-actions-workflow/blob/efe872924fd2dd35bb482544126ce751303e14c2/README.md
sudo loginctl enable-linger $UID
sleep 1
- name: "Prepare the job environment."
uses: "./.github/workflows/prepare-action"
- name: "Run Molecule tests."
run: "pipenv run molecule test"
env:
MOLECULE_IMAGE: "${{ matrix.image }}"
release:
name: "Release new version on Ansible Galaxy"
runs-on: "ubuntu-22.04"
if: "startsWith(github.ref, 'refs/tags/v')"
needs: ["lint", "test"]
steps:
- name: "checkout"
uses: "actions/checkout@v3"
- name: "galaxy"
uses: "robertdebock/galaxy-action@1.2.1"
with:
galaxy_api_key: "${{ secrets.galaxy_api_key }}"
git_branch: "main"

20
roles/hifis-net.unattended_upgrades/.github/workflows/prepare-action/action.yml vendored Normal file
View File

@ -0,0 +1,20 @@
---
name: "Install dependencies and prepare the environment."
description: "Install the necessary dependencies for jobs."
runs:
using: "composite"
steps:
- name: "Install pipenv."
run: "pipx install pipenv"
shell: "bash"
- name: "Set up Python 3."
uses: "actions/setup-python@v4"
id: "setup-python"
with:
python-version: "3.10"
cache: "pipenv"
- name: "Install dependencies via pipenv."
run: "pipenv install --dev"
shell: "bash"

3
roles/hifis-net.unattended_upgrades/.github_changelog_generator Normal file
View File

@ -0,0 +1,3 @@
user=hifis-net
project=ansible-role-unattended-upgrades
since-tag=v1.12.2

1
roles/jnv.unattended_upgrades/.gitignore → roles/hifis-net.unattended_upgrades/.gitignore vendored
View File

@ -1,3 +1,4 @@
.vagrant/
*~
*.log
.idea/

16
roles/hifis-net.unattended_upgrades/.travis.yml Normal file
View File

@ -0,0 +1,16 @@
sudo: "required"
language: "python"
services: "docker"
cache: "pip"
install:
- "pip install ansible docker"
- "ansible-galaxy install -r tests/requirements.yml -p tests/roles/"
script:
- "ansible --version"
- "tests/test.sh"
notifications:
webhooks: "https://galaxy.ansible.com/api/v1/notifications/"

41
roles/hifis-net.unattended_upgrades/.yamllint Normal file
View File

@ -0,0 +1,41 @@
---
# Based on ansible-lint config
extends: "default"
ignore: |
.cache/
rules:
braces:
max-spaces-inside: 1
level: "error"
brackets:
max-spaces-inside: 1
level: "error"
colons:
max-spaces-after: -1
level: "error"
commas:
max-spaces-after: -1
level: "error"
comments: "disable"
comments-indentation: "disable"
document-start: "disable"
empty-lines:
max: 3
level: "error"
hyphens:
level: "error"
indentation: "disable"
key-duplicates: "enable"
line-length: "disable"
new-line-at-end-of-file: "disable"
new-lines:
type: "unix"
quoted-strings:
quote-type: "any"
required: True
extra-required: [ ]
extra-allowed: [ ]
trailing-spaces: "disable"
truthy: "disable"

99
roles/hifis-net.unattended_upgrades/CHANGELOG.md Normal file
View File

@ -0,0 +1,99 @@
# Changelog
## [v2.0.1](https://github.com/hifis-net/ansible-role-unattended-upgrades/tree/v2.0.1) (2022-12-15)
[Full Changelog](https://github.com/hifis-net/ansible-role-unattended-upgrades/compare/v2.0.0...v2.0.1)
**Fixed bugs:**
- Fix minimum specification of Ansible version [\#77](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/77) ([tobiashuste](https://github.com/tobiashuste))
**Closed issues:**
- `unattended_dl_limit` doesn't work [\#76](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/76)
- ansible.builtin.import\_tasks problem [\#75](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/75)
- Detach fork [\#66](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/66)
**Merged pull requests:**
- Bump ansible-lint from 6.9.1 to 6.10.0 [\#79](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/79) ([dependabot[bot]](https://github.com/apps/dependabot))
- Prepare release v2.0.1 [\#78](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/78) ([Normo](https://github.com/Normo))
- Bump ansible from 7.0.0 to 7.1.0 [\#74](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/74) ([dependabot[bot]](https://github.com/apps/dependabot))
- Bump molecule from 4.0.3 to 4.0.4 [\#73](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/73) ([dependabot[bot]](https://github.com/apps/dependabot))
- Bump ansible-lint from 6.9.0 to 6.9.1 [\#72](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/72) ([dependabot[bot]](https://github.com/apps/dependabot))
- Leave a hint about the original fork [\#71](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/71) ([Normo](https://github.com/Normo))
- Make sure GitHub Actions runs on the main branch [\#70](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/70) ([tobiashuste](https://github.com/tobiashuste))
- Fix deprecation warning in GitHub Actions [\#69](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/69) ([tobiashuste](https://github.com/tobiashuste))
## [v2.0.0](https://github.com/hifis-net/ansible-role-unattended-upgrades/tree/v2.0.0) (2022-12-02)
[Full Changelog](https://github.com/hifis-net/ansible-role-unattended-upgrades/compare/v1.12.2...v2.0.0)
**Implemented enhancements:**
- \[Feature Request\] Use force\_apt\_get [\#32](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/32)
- Override configuration in a separate apt.conf.d file [\#10](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/10)
- Test role via Molecule [\#8](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/8)
**Fixed bugs:**
- Molecule folder not linted by molecule [\#48](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/48)
- Change caused by indentation [\#53](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/53)
- Fix installation of powermgmt-base package [\#35](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/35)
**Closed issues:**
- Documentation role name mismatch [\#41](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/41)
- Some configurations options are missing [\#56](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/56)
- Remove support for OS that reached EOL [\#38](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/38)
- Add changelog [\#33](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/33)
- Add contribution guide [\#16](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/16)
- Rename default branch to `main` [\#13](https://github.com/hifis-net/ansible-role-unattended-upgrades/issues/13)
**Merged pull requests:**
- Bump ansible-lint from 6.8.6 to 6.9.0 [\#62](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/62) ([dependabot[bot]](https://github.com/apps/dependabot))
- Bump ansible from 6.5.0 to 7.0.0 [\#60](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/60) ([dependabot[bot]](https://github.com/apps/dependabot))
- Add missing option Unattended-Upgrade::MailReport [\#57](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/57) ([nono-lqdn](https://github.com/nono-lqdn))
- Bump ansible-lint from 6.8.2 to 6.8.6 [\#54](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/54) ([dependabot[bot]](https://github.com/apps/dependabot))
- Bump molecule from 4.0.2 to 4.0.3 [\#49](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/49) ([dependabot[bot]](https://github.com/apps/dependabot))
- Bump molecule from 4.0.1 to 4.0.2 [\#47](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/47) ([dependabot[bot]](https://github.com/apps/dependabot))
- Bump ansible-lint from 6.8.1 to 6.8.2 [\#46](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/46) ([dependabot[bot]](https://github.com/apps/dependabot))
- Bump ansible from 6.4.0 to 6.5.0 [\#45](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/45) ([dependabot[bot]](https://github.com/apps/dependabot))
- Bump ansible-lint from 6.8.0 to 6.8.1 [\#44](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/44) ([dependabot[bot]](https://github.com/apps/dependabot))
- Bump ansible-lint from 6.5.0 to 6.8.0 [\#43](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/43) ([dependabot[bot]](https://github.com/apps/dependabot))
- Fix role name in README [\#42](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/42) ([lukashass](https://github.com/lukashass))
- Bump molecule-podman from 2.0.2 to 2.0.3 [\#40](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/40) ([dependabot[bot]](https://github.com/apps/dependabot))
- Bump ansible from 6.2.0 to 6.4.0 [\#25](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/25) ([dependabot[bot]](https://github.com/apps/dependabot))
- Bump yamllint from 1.27.1 to 1.28.0 [\#24](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/24) ([dependabot[bot]](https://github.com/apps/dependabot))
- Update README.md [\#19](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/19) ([Normo](https://github.com/Normo))
- Bump ansible-lint from 6.4.0 to 6.5.0 [\#15](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/15) ([dependabot[bot]](https://github.com/apps/dependabot))
- Prepare release version 2.0.0 [\#67](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/67) ([Normo](https://github.com/Normo))
- Add codeowners to autoassign reviewers [\#65](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/65) ([Normo](https://github.com/Normo))
- Ensure new default branch main is used by Galaxy [\#64](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/64) ([Normo](https://github.com/Normo))
- Lint molecule folder [\#63](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/63) ([Normo](https://github.com/Normo))
- Fix indentation for unattended\_origins\_patterns in template file [\#61](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/61) ([Normo](https://github.com/Normo))
- Remove support for OS that reached EOL [\#39](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/39) ([Normo](https://github.com/Normo))
- Add changelog [\#37](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/37) ([Normo](https://github.com/Normo))
- Fix installation of powermgmt-base [\#36](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/36) ([Normo](https://github.com/Normo))
- Force usage of apt-get instead of aptitude [\#34](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/34) ([Normo](https://github.com/Normo))
- Test Remove-Unused-Kernel-Packages option [\#31](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/31) ([Normo](https://github.com/Normo))
- Add options for controlling the removal of unused kernel packages [\#29](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/29) ([gcotelli](https://github.com/gcotelli))
- Stop overwriting default config [\#28](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/28) ([alpha0010](https://github.com/alpha0010))
- Add contribution guide [\#22](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/22) ([Normo](https://github.com/Normo))
- Remove custom ansible-lint config [\#18](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/18) ([Normo](https://github.com/Normo))
- Fix 'All names should start with an uppercase letter' warnings [\#17](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/17) ([Normo](https://github.com/Normo))
- Fix CI badge in README [\#14](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/14) ([tobiashuste](https://github.com/tobiashuste))
- Replace deprecated include with import\_tasks [\#12](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/12) ([Normo](https://github.com/Normo))
- Update README.md [\#11](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/11) ([Normo](https://github.com/Normo))
- Test the role via molecule and update supported OS [\#9](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/9) ([tobiashuste](https://github.com/tobiashuste))
- Bump actions/checkout from 2 to 3 [\#6](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/6) ([dependabot[bot]](https://github.com/apps/dependabot))
- Bump ansible/ansible-lint-action from 6.0.2 to 6.3.0 [\#5](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/5) ([dependabot[bot]](https://github.com/apps/dependabot))
- Add dependabot config to daily check for GitHub actions updates [\#4](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/4) ([Normo](https://github.com/Normo))
- Force quoted strings [\#3](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/3) ([Normo](https://github.com/Normo))
- Add yamllint configuration [\#2](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/2) ([Normo](https://github.com/Normo))
- Fork https://github.com/jnv/ansible-role-unattended-upgrades [\#1](https://github.com/hifis-net/ansible-role-unattended-upgrades/pull/1) ([Normo](https://github.com/Normo))
\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)*

189
roles/hifis-net.unattended_upgrades/CONTRIBUTING.md Normal file
View File

@ -0,0 +1,189 @@
<!--
SPDX-FileCopyrightText: 2022 Helmholtz Centre for Environmental Research (UFZ)
SPDX-FileCopyrightText: 2022 Helmholtz-Zentrum Dresden-Rossendorf (HZDR)
SPDX-License-Identifier: Apache-2.0
-->
# Contributing
## Please Help to Improve this Project
You would like to contribute to this project and want to know how to do that?
Let me tell you first that you are awesome because you take care!
Let's make this Ansible role even better.
Any contributions and help to improve this project via issues, pull requests
and more are most welcome and much appreciated.
We are here to help you with your contributions at any time.
Please mention us in issues and pull requests if you need help or if you have
questions.
## Why Do We Need Contributors and Contributions
Coding is team-work and open-source software is community-work.
In order to enhance the project or correct bugs and regressions in the project
we need you and your support because the project benefits from your expertise,
knowledge, opinions, perspectives, and labour.
Together we are improving this Ansible role step-by-step.
Please follow these guidelines and be respectful as we respect your work and
your contributions in the same manner and support you and help you with your
contributions.
Feel free to get into contact with us or with other contributors as the
community will help you with your questions and contributions.
## Contributions We are Looking For
There are different ways to contribute to this project:
1. Discuss issues and pull requests
2. Submit bug reports or contribute new feature proposals
3. Contribute fixes or implement new features
4. Do testing
### Investigate Before Contributing
Before you start contributing and create issues and pull requests we ask you
to first check whether an issue or pull request already exists for the error,
enhancement, feature or test case you have in mind.
### Discuss Issues and Pull Requests
You can contribute by participating in discussions you find in issues and
pull requests or by starting your own discussions.
### Submit Bug Reports or Contribute New Feature Proposals
If you found a bug in the Ansible role or a typo in the documentation or
if you would like to discuss or suggest functional or quality aspects of the
role you are welcome to create issues to get in contact with us.
### Contribute Fixes or Implement New Features
If you would like to provide a fix for a bug or a typo in the documentation or
even add or change specific features of the role or specific parts of the
documentation, you are welcome to fork this repository, create a separate
branch, create a pull request and add your contributions.
Please also label the pull request, refer to related issues and assign
reviewers that take care of reviewing your suggested changes.
We would like you to check that the CI pipeline passes before asking reviewers
to review your suggestions.
### Do Testing
While automated tests are by far our preferred testing method we also
acknowledge contributors doing exploratory testing.
Sometimes the existing automated tests are not sufficient to account for
specific corner cases and to reveal hidden bugs.
Testing the role manually is always a good approach to make sure that the role
passes a particular additional test case.
Even more valuable are automated tests because they are repeatable.
That is why these test methods work best in combination.
Once a bug is revealed in an exploratory test, additional automated test-cases
need to be added that mark this behaviour as a defect.
As a consequence, a fix need to be developed that makes the CI pipeline and
the new regression tests pass again.
Please feel free to support the project by providing automated test cases.
In order to do so you need to fork the repository, create a separate branch,
create a pull request and add the test cases and fixes to that new branch.
Please also use labels for your pull request, name issues that you refer to
and assign reviewers who would be able to review your suggested test cases and
fixes.
Please make sure that the CI pipeline passes before you name reviewers for your
pull request.
### GitHub Actions CI Pipeline and Code Reviews
Finally, as soon as your changes are ready and you would like to ask someone
to review your contributions you need to check that all GitHub Actions CI
pipeline jobs pass in your pull request before assigning reviewers to your
pull request.
## Contributions Workflow via Pull Requests
In summary, if you would like to contribute with pull requests for
enhancements, bug-fixes or test cases, we kindly ask you to follow this
workflow:
![Workflow Blockdiagram with Kroki](https://kroki.hzdr.de/blockdiag/svg/eNqNU8tO5DAQvPMVrTmRwwrYF7tCcNkT30A4dJyejDXGDm0bNkL8-7YfM3I0WsEpUXd1uV1VHoxT-1HjBG9nAHokhAeDAxm4hc1VB4uLDJZec2vzeJNA9oV80BMGarBfO1A7UnvQW9DeR4KL3s7RGGB6jjLQWzRMOC5Af7UPvpBtHe8blm9dqTDNzuvgeCmwgdGqXQP8LscJm6yAtVmA9bAG-eOAXK9T4DiODfRnlwvpzr1VzgbWQwza2QIOa-LrDoy2AdCOudXbLFY711uRF41Z4NzNqYCmK1xKN0y_OnjCPYGPLFuGHQb4cw8zek_-cK0XTa_EzdDvsuyhc-4rs4_TlPxx1rdWXnZinHI8O85alLkWXcafiKfW1ysJQa6dylcDk6YmdnHOEQI4js7iIjKtFNncZIxjTTZgqgjSiIRe4Uyl2Qbsy10JhHxrBuSv7pDQ7_87_MSLz5ycBBX-8BG5uJNcLxr6zzCL33nxaqP8N8ofzso6H3VNoNVb2zoz0riKuUByhJtWqPWUsKbcxkK61eYj4Pj4lTOO0x2NnnZhMJHa8K-7E9OySs1Jm_LTeT_7B8Nka6c=)
For those of you who want to know how forked-based contributions work on
_GitHub_, we would like to point to the _GitHub Docs_ about
[contributing to projects](https://docs.github.com/en/get-started/quickstart/contributing-to-projects).
## Set Up a Local Development Environment (Optional)
In order to add contributions via pull requests you most probably need to
create a local development environment to make sure that your changes
work as expected.
After cloning the project locally the _Python_ dependencies need to be
installed:
```shell
$ pipenv install --dev
```
As mentioned in the suggested contribution workflow above, linting and testing
your contributions locally is optional, but we encourage you to do so.
The following sections show how to lint and test your contributions locally.
### Linting the Project
This role is linted via
[Ansible Lint](https://ansible-lint.readthedocs.io/en/latest/)
and
[yamllint](https://yamllint.readthedocs.io/en/stable/)
which guarantees that the role adheres to a set of
[Ansible Lint rules](https://ansible-lint.readthedocs.io/en/latest/default_rules/)
and
[yamllint rules](https://yamllint.readthedocs.io/en/stable/rules.html):
```shell
$ pipenv run molecule lint
```
### REUSE Specification Compliance
Each file in this project needs to have a proper license and copyright header.
Please check that each file you add to the project contains license and
copyright information and that it thereby meets the
[REUSE Specification](https://reuse.software/spec/):
```shell
$ pipenv run reuse lint
```
### Testing the Ansible Role
This role is tested via
[Ansible Molecule](https://molecule.readthedocs.io/en/latest/).
During development of your changes we would like you to use _Molecule_ and
the existing automated test cases to verify that your changes do not break
existing test cases:
```shell
$ pipenv run molecule test
````
## How are Contributors Given Credit for Their Valuable Work?
Please add yourself to the list of contributors in file
[README.md](README.md#contributors)
via a pull request if you made significant contributions to this role.
Significant contributions are done by suggesting pull requests that fix
bugs or add features or test cases to the project.
Since all other contributions are welcome and may be significant as well
you can request to be added as a contributor which is then decided on a
case-by-case basis.
## Ground Rules and Contributions We are Not Looking For
While we welcome and appreciate all contributions we want people to be kind,
respectful and mindful and won't support people who aren't.
Please help and support each other.
In order to get an idea what this actually means and involves we would like to
ask you to read the Codes of Conduct of
[The Carpentries](https://docs.carpentries.org/topic_folders/policies/code-of-conduct.html#code-of-conduct-detailed-view),
the
[Ansible Community](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html#community-code-of-conduct),
and the
[GitLab Community](https://about.gitlab.com/community/contribute/code-of-conduct/).

0
roles/jnv.unattended_upgrades/LICENSE → roles/hifis-net.unattended_upgrades/LICENSE
View File

16
roles/hifis-net.unattended_upgrades/Pipfile Normal file
View File

@ -0,0 +1,16 @@
[[source]]
name = "pypi"
url = "https://pypi.org/simple"
verify_ssl = true
[dev-packages]
yamllint = "~=1.28.0"
ansible-lint = "~=6.10.2"
molecule = {extras = ["podman"], version = "~=4.0.4"}
molecule-podman = "~=2.0.3"
[packages]
ansible = "~=7.1.0"
[requires]
python_version = "3.10"

894
roles/hifis-net.unattended_upgrades/Pipfile.lock generated Normal file
View File

@ -0,0 +1,894 @@
{
"_meta": {
"hash": {
"sha256": "475c26d38b8fceb1a54ab74fb47ca2c616b45afff15c599df9fcb6c2216c0b44"
},
"pipfile-spec": 6,
"requires": {
"python_version": "3.10"
},
"sources": [
{
"name": "pypi",
"url": "https://pypi.org/simple",
"verify_ssl": true
}
]
},
"default": {
"ansible": {
"hashes": [
"sha256:1e47238c4aa9e68c0c5367a3fd707ba6c3949b4aaf912b06440ad78dd2bf018d",
"sha256:dd6d24dab08793e416eb1564ea716c586caeb104d4abbcada05bed94f9cd01cc"
],
"index": "pypi",
"version": "==7.1.0"
},
"ansible-core": {
"hashes": [
"sha256:06e136c8eda4d8695251995d3c3efa612ebb3ac66948bf42492d4c7b46a75ff2",
"sha256:589257f2560fffd5d4465352cd4504e2cbfc418ba49e0c4265cd54e16070c938"
],
"markers": "python_version >= '3.9'",
"version": "==2.14.1"
},
"cffi": {
"hashes": [
"sha256:00a9ed42e88df81ffae7a8ab6d9356b371399b91dbdf0c3cb1e84c03a13aceb5",
"sha256:03425bdae262c76aad70202debd780501fabeaca237cdfddc008987c0e0f59ef",
"sha256:04ed324bda3cda42b9b695d51bb7d54b680b9719cfab04227cdd1e04e5de3104",
"sha256:0e2642fe3142e4cc4af0799748233ad6da94c62a8bec3a6648bf8ee68b1c7426",
"sha256:173379135477dc8cac4bc58f45db08ab45d228b3363adb7af79436135d028405",
"sha256:198caafb44239b60e252492445da556afafc7d1e3ab7a1fb3f0584ef6d742375",
"sha256:1e74c6b51a9ed6589199c787bf5f9875612ca4a8a0785fb2d4a84429badaf22a",
"sha256:2012c72d854c2d03e45d06ae57f40d78e5770d252f195b93f581acf3ba44496e",
"sha256:21157295583fe8943475029ed5abdcf71eb3911894724e360acff1d61c1d54bc",
"sha256:2470043b93ff09bf8fb1d46d1cb756ce6132c54826661a32d4e4d132e1977adf",
"sha256:285d29981935eb726a4399badae8f0ffdff4f5050eaa6d0cfc3f64b857b77185",
"sha256:30d78fbc8ebf9c92c9b7823ee18eb92f2e6ef79b45ac84db507f52fbe3ec4497",
"sha256:320dab6e7cb2eacdf0e658569d2575c4dad258c0fcc794f46215e1e39f90f2c3",
"sha256:33ab79603146aace82c2427da5ca6e58f2b3f2fb5da893ceac0c42218a40be35",
"sha256:3548db281cd7d2561c9ad9984681c95f7b0e38881201e157833a2342c30d5e8c",
"sha256:3799aecf2e17cf585d977b780ce79ff0dc9b78d799fc694221ce814c2c19db83",
"sha256:39d39875251ca8f612b6f33e6b1195af86d1b3e60086068be9cc053aa4376e21",
"sha256:3b926aa83d1edb5aa5b427b4053dc420ec295a08e40911296b9eb1b6170f6cca",
"sha256:3bcde07039e586f91b45c88f8583ea7cf7a0770df3a1649627bf598332cb6984",
"sha256:3d08afd128ddaa624a48cf2b859afef385b720bb4b43df214f85616922e6a5ac",
"sha256:3eb6971dcff08619f8d91607cfc726518b6fa2a9eba42856be181c6d0d9515fd",
"sha256:40f4774f5a9d4f5e344f31a32b5096977b5d48560c5592e2f3d2c4374bd543ee",
"sha256:4289fc34b2f5316fbb762d75362931e351941fa95fa18789191b33fc4cf9504a",
"sha256:470c103ae716238bbe698d67ad020e1db9d9dba34fa5a899b5e21577e6d52ed2",
"sha256:4f2c9f67e9821cad2e5f480bc8d83b8742896f1242dba247911072d4fa94c192",
"sha256:50a74364d85fd319352182ef59c5c790484a336f6db772c1a9231f1c3ed0cbd7",
"sha256:54a2db7b78338edd780e7ef7f9f6c442500fb0d41a5a4ea24fff1c929d5af585",
"sha256:5635bd9cb9731e6d4a1132a498dd34f764034a8ce60cef4f5319c0541159392f",
"sha256:59c0b02d0a6c384d453fece7566d1c7e6b7bae4fc5874ef2ef46d56776d61c9e",
"sha256:5d598b938678ebf3c67377cdd45e09d431369c3b1a5b331058c338e201f12b27",
"sha256:5df2768244d19ab7f60546d0c7c63ce1581f7af8b5de3eb3004b9b6fc8a9f84b",
"sha256:5ef34d190326c3b1f822a5b7a45f6c4535e2f47ed06fec77d3d799c450b2651e",
"sha256:6975a3fac6bc83c4a65c9f9fcab9e47019a11d3d2cf7f3c0d03431bf145a941e",
"sha256:6c9a799e985904922a4d207a94eae35c78ebae90e128f0c4e521ce339396be9d",
"sha256:70df4e3b545a17496c9b3f41f5115e69a4f2e77e94e1d2a8e1070bc0c38c8a3c",
"sha256:7473e861101c9e72452f9bf8acb984947aa1661a7704553a9f6e4baa5ba64415",
"sha256:8102eaf27e1e448db915d08afa8b41d6c7ca7a04b7d73af6514df10a3e74bd82",
"sha256:87c450779d0914f2861b8526e035c5e6da0a3199d8f1add1a665e1cbc6fc6d02",
"sha256:8b7ee99e510d7b66cdb6c593f21c043c248537a32e0bedf02e01e9553a172314",
"sha256:91fc98adde3d7881af9b59ed0294046f3806221863722ba7d8d120c575314325",
"sha256:94411f22c3985acaec6f83c6df553f2dbe17b698cc7f8ae751ff2237d96b9e3c",
"sha256:98d85c6a2bef81588d9227dde12db8a7f47f639f4a17c9ae08e773aa9c697bf3",
"sha256:9ad5db27f9cabae298d151c85cf2bad1d359a1b9c686a275df03385758e2f914",
"sha256:a0b71b1b8fbf2b96e41c4d990244165e2c9be83d54962a9a1d118fd8657d2045",
"sha256:a0f100c8912c114ff53e1202d0078b425bee3649ae34d7b070e9697f93c5d52d",
"sha256:a591fe9e525846e4d154205572a029f653ada1a78b93697f3b5a8f1f2bc055b9",
"sha256:a5c84c68147988265e60416b57fc83425a78058853509c1b0629c180094904a5",
"sha256:a66d3508133af6e8548451b25058d5812812ec3798c886bf38ed24a98216fab2",
"sha256:a8c4917bd7ad33e8eb21e9a5bbba979b49d9a97acb3a803092cbc1133e20343c",
"sha256:b3bbeb01c2b273cca1e1e0c5df57f12dce9a4dd331b4fa1635b8bec26350bde3",
"sha256:cba9d6b9a7d64d4bd46167096fc9d2f835e25d7e4c121fb2ddfc6528fb0413b2",
"sha256:cc4d65aeeaa04136a12677d3dd0b1c0c94dc43abac5860ab33cceb42b801c1e8",
"sha256:ce4bcc037df4fc5e3d184794f27bdaab018943698f4ca31630bc7f84a7b69c6d",
"sha256:cec7d9412a9102bdc577382c3929b337320c4c4c4849f2c5cdd14d7368c5562d",
"sha256:d400bfb9a37b1351253cb402671cea7e89bdecc294e8016a707f6d1d8ac934f9",
"sha256:d61f4695e6c866a23a21acab0509af1cdfd2c013cf256bbf5b6b5e2695827162",
"sha256:db0fbb9c62743ce59a9ff687eb5f4afbe77e5e8403d6697f7446e5f609976f76",
"sha256:dd86c085fae2efd48ac91dd7ccffcfc0571387fe1193d33b6394db7ef31fe2a4",
"sha256:e00b098126fd45523dd056d2efba6c5a63b71ffe9f2bbe1a4fe1716e1d0c331e",
"sha256:e229a521186c75c8ad9490854fd8bbdd9a0c9aa3a524326b55be83b54d4e0ad9",
"sha256:e263d77ee3dd201c3a142934a086a4450861778baaeeb45db4591ef65550b0a6",
"sha256:ed9cb427ba5504c1dc15ede7d516b84757c3e3d7868ccc85121d9310d27eed0b",
"sha256:fa6693661a4c91757f4412306191b6dc88c1703f780c8234035eac011922bc01",
"sha256:fcd131dd944808b5bdb38e6f5b53013c5aa4f334c5cad0c72742f6eba4b73db0"
],
"version": "==1.15.1"
},
"cryptography": {
"hashes": [
"sha256:1a6915075c6d3a5e1215eab5d99bcec0da26036ff2102a1038401d6ef5bef25b",
"sha256:1ee1fd0de9851ff32dbbb9362a4d833b579b4a6cc96883e8e6d2ff2a6bc7104f",
"sha256:407cec680e811b4fc829de966f88a7c62a596faa250fc1a4b520a0355b9bc190",
"sha256:50386acb40fbabbceeb2986332f0287f50f29ccf1497bae31cf5c3e7b4f4b34f",
"sha256:6f97109336df5c178ee7c9c711b264c502b905c2d2a29ace99ed761533a3460f",
"sha256:754978da4d0457e7ca176f58c57b1f9de6556591c19b25b8bcce3c77d314f5eb",
"sha256:76c24dd4fd196a80f9f2f5405a778a8ca132f16b10af113474005635fe7e066c",
"sha256:7dacfdeee048814563eaaec7c4743c8aea529fe3dd53127313a792f0dadc1773",
"sha256:80ee674c08aaef194bc4627b7f2956e5ba7ef29c3cc3ca488cf15854838a8f72",
"sha256:844ad4d7c3850081dffba91cdd91950038ee4ac525c575509a42d3fc806b83c8",
"sha256:875aea1039d78557c7c6b4db2fe0e9d2413439f4676310a5f269dd342ca7a717",
"sha256:887cbc1ea60786e534b00ba8b04d1095f4272d380ebd5f7a7eb4cc274710fad9",
"sha256:ad04f413436b0781f20c52a661660f1e23bcd89a0e9bb1d6d20822d048cf2856",
"sha256:bae6c7f4a36a25291b619ad064a30a07110a805d08dc89984f4f441f6c1f3f96",
"sha256:c52a1a6f81e738d07f43dab57831c29e57d21c81a942f4602fac7ee21b27f288",
"sha256:e0a05aee6a82d944f9b4edd6a001178787d1546ec7c6223ee9a848a7ade92e39",
"sha256:e324de6972b151f99dc078defe8fb1b0a82c6498e37bff335f5bc6b1e3ab5a1e",
"sha256:e5d71c5d5bd5b5c3eebcf7c5c2bb332d62ec68921a8c593bea8c394911a005ce",
"sha256:f3ed2d864a2fa1666e749fe52fb8e23d8e06b8012e8bd8147c73797c506e86f1",
"sha256:f671c1bb0d6088e94d61d80c606d65baacc0d374e67bf895148883461cd848de",
"sha256:f6c0db08d81ead9576c4d94bbb27aed8d7a430fa27890f39084c2d0e2ec6b0df",
"sha256:f964c7dcf7802d133e8dbd1565914fa0194f9d683d82411989889ecd701e8adf",
"sha256:fec8b932f51ae245121c4671b4bbc030880f363354b2f0e0bd1366017d891458"
],
"markers": "python_version >= '3.6'",
"version": "==39.0.0"
},
"jinja2": {
"hashes": [
"sha256:31351a702a408a9e7595a8fc6150fc3f43bb6bf7e319770cbc0db9df9437e852",
"sha256:6088930bfe239f0e6710546ab9c19c9ef35e29792895fed6e6e31a023a182a61"
],
"markers": "python_version >= '3.7'",
"version": "==3.1.2"
},
"markupsafe": {
"hashes": [
"sha256:0212a68688482dc52b2d45013df70d169f542b7394fc744c02a57374a4207003",
"sha256:089cf3dbf0cd6c100f02945abeb18484bd1ee57a079aefd52cffd17fba910b88",
"sha256:10c1bfff05d95783da83491be968e8fe789263689c02724e0c691933c52994f5",
"sha256:33b74d289bd2f5e527beadcaa3f401e0df0a89927c1559c8566c066fa4248ab7",
"sha256:3799351e2336dc91ea70b034983ee71cf2f9533cdff7c14c90ea126bfd95d65a",
"sha256:3ce11ee3f23f79dbd06fb3d63e2f6af7b12db1d46932fe7bd8afa259a5996603",
"sha256:421be9fbf0ffe9ffd7a378aafebbf6f4602d564d34be190fc19a193232fd12b1",
"sha256:43093fb83d8343aac0b1baa75516da6092f58f41200907ef92448ecab8825135",
"sha256:46d00d6cfecdde84d40e572d63735ef81423ad31184100411e6e3388d405e247",
"sha256:4a33dea2b688b3190ee12bd7cfa29d39c9ed176bda40bfa11099a3ce5d3a7ac6",
"sha256:4b9fe39a2ccc108a4accc2676e77da025ce383c108593d65cc909add5c3bd601",
"sha256:56442863ed2b06d19c37f94d999035e15ee982988920e12a5b4ba29b62ad1f77",
"sha256:671cd1187ed5e62818414afe79ed29da836dde67166a9fac6d435873c44fdd02",
"sha256:694deca8d702d5db21ec83983ce0bb4b26a578e71fbdbd4fdcd387daa90e4d5e",
"sha256:6a074d34ee7a5ce3effbc526b7083ec9731bb3cbf921bbe1d3005d4d2bdb3a63",
"sha256:6d0072fea50feec76a4c418096652f2c3238eaa014b2f94aeb1d56a66b41403f",
"sha256:6fbf47b5d3728c6aea2abb0589b5d30459e369baa772e0f37a0320185e87c980",
"sha256:7f91197cc9e48f989d12e4e6fbc46495c446636dfc81b9ccf50bb0ec74b91d4b",
"sha256:86b1f75c4e7c2ac2ccdaec2b9022845dbb81880ca318bb7a0a01fbf7813e3812",
"sha256:8dc1c72a69aa7e082593c4a203dcf94ddb74bb5c8a731e4e1eb68d031e8498ff",
"sha256:8e3dcf21f367459434c18e71b2a9532d96547aef8a871872a5bd69a715c15f96",
"sha256:8e576a51ad59e4bfaac456023a78f6b5e6e7651dcd383bcc3e18d06f9b55d6d1",
"sha256:96e37a3dc86e80bf81758c152fe66dbf60ed5eca3d26305edf01892257049925",
"sha256:97a68e6ada378df82bc9f16b800ab77cbf4b2fada0081794318520138c088e4a",
"sha256:99a2a507ed3ac881b975a2976d59f38c19386d128e7a9a18b7df6fff1fd4c1d6",
"sha256:a49907dd8420c5685cfa064a1335b6754b74541bbb3706c259c02ed65b644b3e",
"sha256:b09bf97215625a311f669476f44b8b318b075847b49316d3e28c08e41a7a573f",
"sha256:b7bd98b796e2b6553da7225aeb61f447f80a1ca64f41d83612e6139ca5213aa4",
"sha256:b87db4360013327109564f0e591bd2a3b318547bcef31b468a92ee504d07ae4f",
"sha256:bcb3ed405ed3222f9904899563d6fc492ff75cce56cba05e32eff40e6acbeaa3",
"sha256:d4306c36ca495956b6d568d276ac11fdd9c30a36f1b6eb928070dc5360b22e1c",
"sha256:d5ee4f386140395a2c818d149221149c54849dfcfcb9f1debfe07a8b8bd63f9a",
"sha256:dda30ba7e87fbbb7eab1ec9f58678558fd9a6b8b853530e176eabd064da81417",
"sha256:e04e26803c9c3851c931eac40c695602c6295b8d432cbe78609649ad9bd2da8a",
"sha256:e1c0b87e09fa55a220f058d1d49d3fb8df88fbfab58558f1198e08c1e1de842a",
"sha256:e72591e9ecd94d7feb70c1cbd7be7b3ebea3f548870aa91e2732960fa4d57a37",
"sha256:e8c843bbcda3a2f1e3c2ab25913c80a3c5376cd00c6e8c4a86a89a28c8dc5452",
"sha256:efc1913fd2ca4f334418481c7e595c00aad186563bbc1ec76067848c7ca0a933",
"sha256:f121a1420d4e173a5d96e47e9a0c0dcff965afdf1626d28de1460815f7c4ee7a",
"sha256:fc7b548b17d238737688817ab67deebb30e8073c95749d55538ed473130ec0c7"
],
"markers": "python_version >= '3.7'",
"version": "==2.1.1"
},
"packaging": {
"hashes": [
"sha256:2198ec20bd4c017b8f9717e00f0c8714076fc2fd93816750ab48e2c41de2cfd3",
"sha256:957e2148ba0e1a3b282772e791ef1d8083648bc131c8ab0c1feba110ce1146c3"
],
"markers": "python_version >= '3.7'",
"version": "==22.0"
},
"pycparser": {
"hashes": [
"sha256:8ee45429555515e1f6b185e78100aea234072576aa43ab53aefcae078162fca9",
"sha256:e644fdec12f7872f86c58ff790da456218b10f863970249516d60a5eaca77206"
],
"version": "==2.21"
},
"pyyaml": {
"hashes": [
"sha256:01b45c0191e6d66c470b6cf1b9531a771a83c1c4208272ead47a3ae4f2f603bf",
"sha256:0283c35a6a9fbf047493e3a0ce8d79ef5030852c51e9d911a27badfde0605293",
"sha256:055d937d65826939cb044fc8c9b08889e8c743fdc6a32b33e2390f66013e449b",
"sha256:07751360502caac1c067a8132d150cf3d61339af5691fe9e87803040dbc5db57",
"sha256:0b4624f379dab24d3725ffde76559cff63d9ec94e1736b556dacdfebe5ab6d4b",
"sha256:0ce82d761c532fe4ec3f87fc45688bdd3a4c1dc5e0b4a19814b9009a29baefd4",
"sha256:1e4747bc279b4f613a09eb64bba2ba602d8a6664c6ce6396a4d0cd413a50ce07",
"sha256:213c60cd50106436cc818accf5baa1aba61c0189ff610f64f4a3e8c6726218ba",
"sha256:231710d57adfd809ef5d34183b8ed1eeae3f76459c18fb4a0b373ad56bedcdd9",
"sha256:277a0ef2981ca40581a47093e9e2d13b3f1fbbeffae064c1d21bfceba2030287",
"sha256:2cd5df3de48857ed0544b34e2d40e9fac445930039f3cfe4bcc592a1f836d513",
"sha256:40527857252b61eacd1d9af500c3337ba8deb8fc298940291486c465c8b46ec0",
"sha256:432557aa2c09802be39460360ddffd48156e30721f5e8d917f01d31694216782",
"sha256:473f9edb243cb1935ab5a084eb238d842fb8f404ed2193a915d1784b5a6b5fc0",
"sha256:48c346915c114f5fdb3ead70312bd042a953a8ce5c7106d5bfb1a5254e47da92",
"sha256:50602afada6d6cbfad699b0c7bb50d5ccffa7e46a3d738092afddc1f9758427f",
"sha256:68fb519c14306fec9720a2a5b45bc9f0c8d1b9c72adf45c37baedfcd949c35a2",
"sha256:77f396e6ef4c73fdc33a9157446466f1cff553d979bd00ecb64385760c6babdc",
"sha256:81957921f441d50af23654aa6c5e5eaf9b06aba7f0a19c18a538dc7ef291c5a1",
"sha256:819b3830a1543db06c4d4b865e70ded25be52a2e0631ccd2f6a47a2822f2fd7c",
"sha256:897b80890765f037df3403d22bab41627ca8811ae55e9a722fd0392850ec4d86",
"sha256:98c4d36e99714e55cfbaaee6dd5badbc9a1ec339ebfc3b1f52e293aee6bb71a4",
"sha256:9df7ed3b3d2e0ecfe09e14741b857df43adb5a3ddadc919a2d94fbdf78fea53c",
"sha256:9fa600030013c4de8165339db93d182b9431076eb98eb40ee068700c9c813e34",
"sha256:a80a78046a72361de73f8f395f1f1e49f956c6be882eed58505a15f3e430962b",
"sha256:afa17f5bc4d1b10afd4466fd3a44dc0e245382deca5b3c353d8b757f9e3ecb8d",
"sha256:b3d267842bf12586ba6c734f89d1f5b871df0273157918b0ccefa29deb05c21c",
"sha256:b5b9eccad747aabaaffbc6064800670f0c297e52c12754eb1d976c57e4f74dcb",
"sha256:bfaef573a63ba8923503d27530362590ff4f576c626d86a9fed95822a8255fd7",
"sha256:c5687b8d43cf58545ade1fe3e055f70eac7a5a1a0bf42824308d868289a95737",
"sha256:cba8c411ef271aa037d7357a2bc8f9ee8b58b9965831d9e51baf703280dc73d3",
"sha256:d15a181d1ecd0d4270dc32edb46f7cb7733c7c508857278d3d378d14d606db2d",
"sha256:d4b0ba9512519522b118090257be113b9468d804b19d63c71dbcf4a48fa32358",
"sha256:d4db7c7aef085872ef65a8fd7d6d09a14ae91f691dec3e87ee5ee0539d516f53",
"sha256:d4eccecf9adf6fbcc6861a38015c2a64f38b9d94838ac1810a9023a0609e1b78",
"sha256:d67d839ede4ed1b28a4e8909735fc992a923cdb84e618544973d7dfc71540803",
"sha256:daf496c58a8c52083df09b80c860005194014c3698698d1a57cbcfa182142a3a",
"sha256:dbad0e9d368bb989f4515da330b88a057617d16b6a8245084f1b05400f24609f",
"sha256:e61ceaab6f49fb8bdfaa0f92c4b57bcfbea54c09277b1b4f7ac376bfb7a7c174",
"sha256:f84fbc98b019fef2ee9a1cb3ce93e3187a6df0b2538a651bfb890254ba9f90b5"
],
"markers": "python_version >= '3.6'",
"version": "==6.0"
},
"resolvelib": {
"hashes": [
"sha256:c6ea56732e9fb6fca1b2acc2ccc68a0b6b8c566d8f3e78e0443310ede61dbd37",
"sha256:d9b7907f055c3b3a2cfc56c914ffd940122915826ff5fb5b1de0c99778f4de98"
],
"version": "==0.8.1"
}
},
"develop": {
"ansible-compat": {
"hashes": [
"sha256:08deddcd0a1dc6baabe674b07c6ff882118492c123d281f56f01905271a7ffc4",
"sha256:77fd80841279d8b0664df61faab65c32275d1a2b0079f60bf30c3d44251f6301"
],
"markers": "python_version >= '3.8'",
"version": "==2.2.7"
},
"ansible-core": {
"hashes": [
"sha256:06e136c8eda4d8695251995d3c3efa612ebb3ac66948bf42492d4c7b46a75ff2",
"sha256:589257f2560fffd5d4465352cd4504e2cbfc418ba49e0c4265cd54e16070c938"
],
"markers": "python_version >= '3.9'",
"version": "==2.14.1"
},
"ansible-lint": {
"hashes": [
"sha256:9cba1b5fabb2f418d861f90f192c11bd84c5755cf092d9a136eb261ed1bbe94c",
"sha256:e228449ac2f10d1c16df35c4769282b529ac1fe2b50767333fad1c85a62df671"
],
"index": "pypi",
"version": "==6.10.2"
},
"arrow": {
"hashes": [
"sha256:3934b30ca1b9f292376d9db15b19446088d12ec58629bc3f0da28fd55fb633a1",
"sha256:5a49ab92e3b7b71d96cd6bfcc4df14efefc9dfa96ea19045815914a6ab6b1fe2"
],
"markers": "python_full_version >= '3.6.0'",
"version": "==1.2.3"
},
"attrs": {
"hashes": [
"sha256:29e95c7f6778868dbd49170f98f8818f78f3dc5e0e37c0b1f474e3561b240836",
"sha256:c9227bfc2f01993c03f68db37d1d15c9690188323c067c641f1a35ca58185f99"
],
"markers": "python_full_version >= '3.6.0'",
"version": "==22.2.0"
},
"binaryornot": {
"hashes": [
"sha256:359501dfc9d40632edc9fac890e19542db1a287bbcfa58175b66658392018061",
"sha256:b8b71173c917bddcd2c16070412e369c3ed7f0528926f70cac18a6c97fd563e4"
],
"version": "==0.4.4"
},
"black": {
"hashes": [
"sha256:101c69b23df9b44247bd88e1d7e90154336ac4992502d4197bdac35dd7ee3320",
"sha256:159a46a4947f73387b4d83e87ea006dbb2337eab6c879620a3ba52699b1f4351",
"sha256:1f58cbe16dfe8c12b7434e50ff889fa479072096d79f0a7f25e4ab8e94cd8350",
"sha256:229351e5a18ca30f447bf724d007f890f97e13af070bb6ad4c0a441cd7596a2f",
"sha256:436cc9167dd28040ad90d3b404aec22cedf24a6e4d7de221bec2730ec0c97bcf",
"sha256:559c7a1ba9a006226f09e4916060982fd27334ae1998e7a38b3f33a37f7a2148",
"sha256:7412e75863aa5c5411886804678b7d083c7c28421210180d67dfd8cf1221e1f4",
"sha256:77d86c9f3db9b1bf6761244bc0b3572a546f5fe37917a044e02f3166d5aafa7d",
"sha256:82d9fe8fee3401e02e79767016b4907820a7dc28d70d137eb397b92ef3cc5bfc",
"sha256:9eedd20838bd5d75b80c9f5487dbcb06836a43833a37846cf1d8c1cc01cef59d",
"sha256:c116eed0efb9ff870ded8b62fe9f28dd61ef6e9ddd28d83d7d264a38417dcee2",
"sha256:d30b212bffeb1e252b31dd269dfae69dd17e06d92b87ad26e23890f3efea366f"
],
"markers": "python_version >= '3.7'",
"version": "==22.12.0"
},
"bracex": {
"hashes": [
"sha256:351b7f20d56fb9ea91f9b9e9e7664db466eb234188c175fd943f8f755c807e73",
"sha256:e7b23fc8b2cd06d3dec0692baabecb249dda94e06a617901ff03a6c56fd71693"
],
"markers": "python_version >= '3.7'",
"version": "==2.3.post1"
},
"certifi": {
"hashes": [
"sha256:35824b4c3a97115964b408844d64aa14db1cc518f6562e8d7261699d1350a9e3",
"sha256:4ad3232f5e926d6718ec31cfc1fcadfde020920e278684144551c91769c7bc18"
],
"markers": "python_full_version >= '3.6.0'",
"version": "==2022.12.7"
},
"cffi": {
"hashes": [
"sha256:00a9ed42e88df81ffae7a8ab6d9356b371399b91dbdf0c3cb1e84c03a13aceb5",
"sha256:03425bdae262c76aad70202debd780501fabeaca237cdfddc008987c0e0f59ef",
"sha256:04ed324bda3cda42b9b695d51bb7d54b680b9719cfab04227cdd1e04e5de3104",
"sha256:0e2642fe3142e4cc4af0799748233ad6da94c62a8bec3a6648bf8ee68b1c7426",
"sha256:173379135477dc8cac4bc58f45db08ab45d228b3363adb7af79436135d028405",
"sha256:198caafb44239b60e252492445da556afafc7d1e3ab7a1fb3f0584ef6d742375",
"sha256:1e74c6b51a9ed6589199c787bf5f9875612ca4a8a0785fb2d4a84429badaf22a",
"sha256:2012c72d854c2d03e45d06ae57f40d78e5770d252f195b93f581acf3ba44496e",
"sha256:21157295583fe8943475029ed5abdcf71eb3911894724e360acff1d61c1d54bc",
"sha256:2470043b93ff09bf8fb1d46d1cb756ce6132c54826661a32d4e4d132e1977adf",
"sha256:285d29981935eb726a4399badae8f0ffdff4f5050eaa6d0cfc3f64b857b77185",
"sha256:30d78fbc8ebf9c92c9b7823ee18eb92f2e6ef79b45ac84db507f52fbe3ec4497",
"sha256:320dab6e7cb2eacdf0e658569d2575c4dad258c0fcc794f46215e1e39f90f2c3",
"sha256:33ab79603146aace82c2427da5ca6e58f2b3f2fb5da893ceac0c42218a40be35",
"sha256:3548db281cd7d2561c9ad9984681c95f7b0e38881201e157833a2342c30d5e8c",
"sha256:3799aecf2e17cf585d977b780ce79ff0dc9b78d799fc694221ce814c2c19db83",
"sha256:39d39875251ca8f612b6f33e6b1195af86d1b3e60086068be9cc053aa4376e21",
"sha256:3b926aa83d1edb5aa5b427b4053dc420ec295a08e40911296b9eb1b6170f6cca",
"sha256:3bcde07039e586f91b45c88f8583ea7cf7a0770df3a1649627bf598332cb6984",
"sha256:3d08afd128ddaa624a48cf2b859afef385b720bb4b43df214f85616922e6a5ac",
"sha256:3eb6971dcff08619f8d91607cfc726518b6fa2a9eba42856be181c6d0d9515fd",
"sha256:40f4774f5a9d4f5e344f31a32b5096977b5d48560c5592e2f3d2c4374bd543ee",
"sha256:4289fc34b2f5316fbb762d75362931e351941fa95fa18789191b33fc4cf9504a",
"sha256:470c103ae716238bbe698d67ad020e1db9d9dba34fa5a899b5e21577e6d52ed2",
"sha256:4f2c9f67e9821cad2e5f480bc8d83b8742896f1242dba247911072d4fa94c192",
"sha256:50a74364d85fd319352182ef59c5c790484a336f6db772c1a9231f1c3ed0cbd7",
"sha256:54a2db7b78338edd780e7ef7f9f6c442500fb0d41a5a4ea24fff1c929d5af585",
"sha256:5635bd9cb9731e6d4a1132a498dd34f764034a8ce60cef4f5319c0541159392f",
"sha256:59c0b02d0a6c384d453fece7566d1c7e6b7bae4fc5874ef2ef46d56776d61c9e",
"sha256:5d598b938678ebf3c67377cdd45e09d431369c3b1a5b331058c338e201f12b27",
"sha256:5df2768244d19ab7f60546d0c7c63ce1581f7af8b5de3eb3004b9b6fc8a9f84b",
"sha256:5ef34d190326c3b1f822a5b7a45f6c4535e2f47ed06fec77d3d799c450b2651e",
"sha256:6975a3fac6bc83c4a65c9f9fcab9e47019a11d3d2cf7f3c0d03431bf145a941e",
"sha256:6c9a799e985904922a4d207a94eae35c78ebae90e128f0c4e521ce339396be9d",
"sha256:70df4e3b545a17496c9b3f41f5115e69a4f2e77e94e1d2a8e1070bc0c38c8a3c",
"sha256:7473e861101c9e72452f9bf8acb984947aa1661a7704553a9f6e4baa5ba64415",
"sha256:8102eaf27e1e448db915d08afa8b41d6c7ca7a04b7d73af6514df10a3e74bd82",
"sha256:87c450779d0914f2861b8526e035c5e6da0a3199d8f1add1a665e1cbc6fc6d02",
"sha256:8b7ee99e510d7b66cdb6c593f21c043c248537a32e0bedf02e01e9553a172314",
"sha256:91fc98adde3d7881af9b59ed0294046f3806221863722ba7d8d120c575314325",
"sha256:94411f22c3985acaec6f83c6df553f2dbe17b698cc7f8ae751ff2237d96b9e3c",
"sha256:98d85c6a2bef81588d9227dde12db8a7f47f639f4a17c9ae08e773aa9c697bf3",
"sha256:9ad5db27f9cabae298d151c85cf2bad1d359a1b9c686a275df03385758e2f914",
"sha256:a0b71b1b8fbf2b96e41c4d990244165e2c9be83d54962a9a1d118fd8657d2045",
"sha256:a0f100c8912c114ff53e1202d0078b425bee3649ae34d7b070e9697f93c5d52d",
"sha256:a591fe9e525846e4d154205572a029f653ada1a78b93697f3b5a8f1f2bc055b9",
"sha256:a5c84c68147988265e60416b57fc83425a78058853509c1b0629c180094904a5",
"sha256:a66d3508133af6e8548451b25058d5812812ec3798c886bf38ed24a98216fab2",
"sha256:a8c4917bd7ad33e8eb21e9a5bbba979b49d9a97acb3a803092cbc1133e20343c",
"sha256:b3bbeb01c2b273cca1e1e0c5df57f12dce9a4dd331b4fa1635b8bec26350bde3",
"sha256:cba9d6b9a7d64d4bd46167096fc9d2f835e25d7e4c121fb2ddfc6528fb0413b2",
"sha256:cc4d65aeeaa04136a12677d3dd0b1c0c94dc43abac5860ab33cceb42b801c1e8",
"sha256:ce4bcc037df4fc5e3d184794f27bdaab018943698f4ca31630bc7f84a7b69c6d",
"sha256:cec7d9412a9102bdc577382c3929b337320c4c4c4849f2c5cdd14d7368c5562d",
"sha256:d400bfb9a37b1351253cb402671cea7e89bdecc294e8016a707f6d1d8ac934f9",
"sha256:d61f4695e6c866a23a21acab0509af1cdfd2c013cf256bbf5b6b5e2695827162",
"sha256:db0fbb9c62743ce59a9ff687eb5f4afbe77e5e8403d6697f7446e5f609976f76",
"sha256:dd86c085fae2efd48ac91dd7ccffcfc0571387fe1193d33b6394db7ef31fe2a4",
"sha256:e00b098126fd45523dd056d2efba6c5a63b71ffe9f2bbe1a4fe1716e1d0c331e",
"sha256:e229a521186c75c8ad9490854fd8bbdd9a0c9aa3a524326b55be83b54d4e0ad9",
"sha256:e263d77ee3dd201c3a142934a086a4450861778baaeeb45db4591ef65550b0a6",
"sha256:ed9cb427ba5504c1dc15ede7d516b84757c3e3d7868ccc85121d9310d27eed0b",
"sha256:fa6693661a4c91757f4412306191b6dc88c1703f780c8234035eac011922bc01",
"sha256:fcd131dd944808b5bdb38e6f5b53013c5aa4f334c5cad0c72742f6eba4b73db0"
],
"version": "==1.15.1"
},
"chardet": {
"hashes": [
"sha256:0d62712b956bc154f85fb0a266e2a3c5913c2967e00348701b32411d6def31e5",
"sha256:362777fb014af596ad31334fde1e8c327dfdb076e1960d1694662d46a6917ab9"
],
"markers": "python_version >= '3.7'",
"version": "==5.1.0"
},
"charset-normalizer": {
"hashes": [
"sha256:5a3d016c7c547f69d6f81fb0db9449ce888b418b5b9952cc5e6e66843e9dd845",
"sha256:83e9a75d1911279afd89352c68b45348559d1fc0506b054b346651b5e7fee29f"
],
"markers": "python_full_version >= '3.6.0'",
"version": "==2.1.1"
},
"click": {
"hashes": [
"sha256:7682dc8afb30297001674575ea00d1814d808d6a36af415a82bd481d37ba7b8e",
"sha256:bb4d8133cb15a609f44e8213d9b391b0809795062913b383c62be0ee95b1db48"
],
"markers": "python_version >= '3.7'",
"version": "==8.1.3"
},
"click-help-colors": {
"hashes": [
"sha256:25a6bd22d8abbc72c18a416a1cf21ab65b6120bee48e9637829666cbad22d51d",
"sha256:78cbcf30cfa81c5fc2a52f49220121e1a8190cd19197d9245997605d3405824d"
],
"version": "==0.9.1"
},
"commonmark": {
"hashes": [
"sha256:452f9dc859be7f06631ddcb328b6919c67984aca654e5fefb3914d54691aed60",
"sha256:da2f38c92590f83de410ba1a3cbceafbc74fee9def35f9251ba9a971d6d66fd9"
],
"version": "==0.9.1"
},
"cookiecutter": {
"hashes": [
"sha256:9f3ab027cec4f70916e28f03470bdb41e637a3ad354b4d65c765d93aad160022",
"sha256:f3982be8d9c53dac1261864013fdec7f83afd2e42ede6f6dd069c5e149c540d5"
],
"markers": "python_version >= '3.7'",
"version": "==2.1.1"
},
"cryptography": {
"hashes": [
"sha256:1a6915075c6d3a5e1215eab5d99bcec0da26036ff2102a1038401d6ef5bef25b",
"sha256:1ee1fd0de9851ff32dbbb9362a4d833b579b4a6cc96883e8e6d2ff2a6bc7104f",
"sha256:407cec680e811b4fc829de966f88a7c62a596faa250fc1a4b520a0355b9bc190",
"sha256:50386acb40fbabbceeb2986332f0287f50f29ccf1497bae31cf5c3e7b4f4b34f",
"sha256:6f97109336df5c178ee7c9c711b264c502b905c2d2a29ace99ed761533a3460f",
"sha256:754978da4d0457e7ca176f58c57b1f9de6556591c19b25b8bcce3c77d314f5eb",
"sha256:76c24dd4fd196a80f9f2f5405a778a8ca132f16b10af113474005635fe7e066c",
"sha256:7dacfdeee048814563eaaec7c4743c8aea529fe3dd53127313a792f0dadc1773",
"sha256:80ee674c08aaef194bc4627b7f2956e5ba7ef29c3cc3ca488cf15854838a8f72",
"sha256:844ad4d7c3850081dffba91cdd91950038ee4ac525c575509a42d3fc806b83c8",
"sha256:875aea1039d78557c7c6b4db2fe0e9d2413439f4676310a5f269dd342ca7a717",
"sha256:887cbc1ea60786e534b00ba8b04d1095f4272d380ebd5f7a7eb4cc274710fad9",
"sha256:ad04f413436b0781f20c52a661660f1e23bcd89a0e9bb1d6d20822d048cf2856",
"sha256:bae6c7f4a36a25291b619ad064a30a07110a805d08dc89984f4f441f6c1f3f96",
"sha256:c52a1a6f81e738d07f43dab57831c29e57d21c81a942f4602fac7ee21b27f288",
"sha256:e0a05aee6a82d944f9b4edd6a001178787d1546ec7c6223ee9a848a7ade92e39",
"sha256:e324de6972b151f99dc078defe8fb1b0a82c6498e37bff335f5bc6b1e3ab5a1e",
"sha256:e5d71c5d5bd5b5c3eebcf7c5c2bb332d62ec68921a8c593bea8c394911a005ce",
"sha256:f3ed2d864a2fa1666e749fe52fb8e23d8e06b8012e8bd8147c73797c506e86f1",
"sha256:f671c1bb0d6088e94d61d80c606d65baacc0d374e67bf895148883461cd848de",
"sha256:f6c0db08d81ead9576c4d94bbb27aed8d7a430fa27890f39084c2d0e2ec6b0df",
"sha256:f964c7dcf7802d133e8dbd1565914fa0194f9d683d82411989889ecd701e8adf",
"sha256:fec8b932f51ae245121c4671b4bbc030880f363354b2f0e0bd1366017d891458"
],
"markers": "python_version >= '3.6'",
"version": "==39.0.0"
},
"distro": {
"hashes": [
"sha256:02e111d1dc6a50abb8eed6bf31c3e48ed8b0830d1ea2a1b78c61765c2513fdd8",
"sha256:99522ca3e365cac527b44bde033f64c6945d90eb9f769703caaec52b09bbd3ff"
],
"markers": "python_full_version >= '3.6.0'",
"version": "==1.8.0"
},
"enrich": {
"hashes": [
"sha256:0a2ab0d2931dff8947012602d1234d2a3ee002d9a355b5d70be6bf5466008893",
"sha256:f29b2c8c124b4dbd7c975ab5c3568f6c7a47938ea3b7d2106c8a3bd346545e4f"
],
"markers": "python_full_version >= '3.6.0'",
"version": "==1.2.7"
},
"filelock": {
"hashes": [
"sha256:7b319f24340b51f55a2bf7a12ac0755a9b03e718311dac567a0f4f7fabd2f5de",
"sha256:f58d535af89bb9ad5cd4df046f741f8553a418c01a7856bf0d173bbc9f6bd16d"
],
"markers": "python_version >= '3.7'",
"version": "==3.9.0"
},
"idna": {
"hashes": [
"sha256:814f528e8dead7d329833b91c5faa87d60bf71824cd12a7530b5526063d02cb4",
"sha256:90b77e79eaa3eba6de819a0c442c0b4ceefc341a7a2ab77d7562bf49f425c5c2"
],
"markers": "python_version >= '3.5'",
"version": "==3.4"
},
"jinja2": {
"hashes": [
"sha256:31351a702a408a9e7595a8fc6150fc3f43bb6bf7e319770cbc0db9df9437e852",
"sha256:6088930bfe239f0e6710546ab9c19c9ef35e29792895fed6e6e31a023a182a61"
],
"markers": "python_version >= '3.7'",
"version": "==3.1.2"
},
"jinja2-time": {
"hashes": [
"sha256:d14eaa4d315e7688daa4969f616f226614350c48730bfa1692d2caebd8c90d40",
"sha256:d3eab6605e3ec8b7a0863df09cc1d23714908fa61aa6986a845c20ba488b4efa"
],
"version": "==0.2.0"
},
"jsonschema": {
"hashes": [
"sha256:0f864437ab8b6076ba6707453ef8f98a6a0d512a80e93f8abdb676f737ecb60d",
"sha256:a870ad254da1a8ca84b6a2905cac29d265f805acc57af304784962a2aa6508f6"
],
"markers": "python_version >= '3.7'",
"version": "==4.17.3"
},
"markupsafe": {
"hashes": [
"sha256:0212a68688482dc52b2d45013df70d169f542b7394fc744c02a57374a4207003",
"sha256:089cf3dbf0cd6c100f02945abeb18484bd1ee57a079aefd52cffd17fba910b88",
"sha256:10c1bfff05d95783da83491be968e8fe789263689c02724e0c691933c52994f5",
"sha256:33b74d289bd2f5e527beadcaa3f401e0df0a89927c1559c8566c066fa4248ab7",
"sha256:3799351e2336dc91ea70b034983ee71cf2f9533cdff7c14c90ea126bfd95d65a",
"sha256:3ce11ee3f23f79dbd06fb3d63e2f6af7b12db1d46932fe7bd8afa259a5996603",
"sha256:421be9fbf0ffe9ffd7a378aafebbf6f4602d564d34be190fc19a193232fd12b1",
"sha256:43093fb83d8343aac0b1baa75516da6092f58f41200907ef92448ecab8825135",
"sha256:46d00d6cfecdde84d40e572d63735ef81423ad31184100411e6e3388d405e247",
"sha256:4a33dea2b688b3190ee12bd7cfa29d39c9ed176bda40bfa11099a3ce5d3a7ac6",
"sha256:4b9fe39a2ccc108a4accc2676e77da025ce383c108593d65cc909add5c3bd601",
"sha256:56442863ed2b06d19c37f94d999035e15ee982988920e12a5b4ba29b62ad1f77",
"sha256:671cd1187ed5e62818414afe79ed29da836dde67166a9fac6d435873c44fdd02",
"sha256:694deca8d702d5db21ec83983ce0bb4b26a578e71fbdbd4fdcd387daa90e4d5e",
"sha256:6a074d34ee7a5ce3effbc526b7083ec9731bb3cbf921bbe1d3005d4d2bdb3a63",
"sha256:6d0072fea50feec76a4c418096652f2c3238eaa014b2f94aeb1d56a66b41403f",
"sha256:6fbf47b5d3728c6aea2abb0589b5d30459e369baa772e0f37a0320185e87c980",
"sha256:7f91197cc9e48f989d12e4e6fbc46495c446636dfc81b9ccf50bb0ec74b91d4b",
"sha256:86b1f75c4e7c2ac2ccdaec2b9022845dbb81880ca318bb7a0a01fbf7813e3812",
"sha256:8dc1c72a69aa7e082593c4a203dcf94ddb74bb5c8a731e4e1eb68d031e8498ff",
"sha256:8e3dcf21f367459434c18e71b2a9532d96547aef8a871872a5bd69a715c15f96",
"sha256:8e576a51ad59e4bfaac456023a78f6b5e6e7651dcd383bcc3e18d06f9b55d6d1",
"sha256:96e37a3dc86e80bf81758c152fe66dbf60ed5eca3d26305edf01892257049925",
"sha256:97a68e6ada378df82bc9f16b800ab77cbf4b2fada0081794318520138c088e4a",
"sha256:99a2a507ed3ac881b975a2976d59f38c19386d128e7a9a18b7df6fff1fd4c1d6",
"sha256:a49907dd8420c5685cfa064a1335b6754b74541bbb3706c259c02ed65b644b3e",
"sha256:b09bf97215625a311f669476f44b8b318b075847b49316d3e28c08e41a7a573f",
"sha256:b7bd98b796e2b6553da7225aeb61f447f80a1ca64f41d83612e6139ca5213aa4",
"sha256:b87db4360013327109564f0e591bd2a3b318547bcef31b468a92ee504d07ae4f",
"sha256:bcb3ed405ed3222f9904899563d6fc492ff75cce56cba05e32eff40e6acbeaa3",
"sha256:d4306c36ca495956b6d568d276ac11fdd9c30a36f1b6eb928070dc5360b22e1c",
"sha256:d5ee4f386140395a2c818d149221149c54849dfcfcb9f1debfe07a8b8bd63f9a",
"sha256:dda30ba7e87fbbb7eab1ec9f58678558fd9a6b8b853530e176eabd064da81417",
"sha256:e04e26803c9c3851c931eac40c695602c6295b8d432cbe78609649ad9bd2da8a",
"sha256:e1c0b87e09fa55a220f058d1d49d3fb8df88fbfab58558f1198e08c1e1de842a",
"sha256:e72591e9ecd94d7feb70c1cbd7be7b3ebea3f548870aa91e2732960fa4d57a37",
"sha256:e8c843bbcda3a2f1e3c2ab25913c80a3c5376cd00c6e8c4a86a89a28c8dc5452",
"sha256:efc1913fd2ca4f334418481c7e595c00aad186563bbc1ec76067848c7ca0a933",
"sha256:f121a1420d4e173a5d96e47e9a0c0dcff965afdf1626d28de1460815f7c4ee7a",
"sha256:fc7b548b17d238737688817ab67deebb30e8073c95749d55538ed473130ec0c7"
],
"markers": "python_version >= '3.7'",
"version": "==2.1.1"
},
"molecule": {
"extras": [
"podman"
],
"hashes": [
"sha256:437a0829c3273f542e0db09516ae743607e6a2eda4d8cbdfb407edda3e0facb2",
"sha256:aab00c1ba62a42d77edd1a51528dfbb46abca70df7c7147fda0925ee4fe7deda"
],
"index": "pypi",
"version": "==4.0.4"
},
"molecule-podman": {
"hashes": [
"sha256:85d928ab36ab0a2fae57e03eb549dd523c9be36b4b904d050748c27ca72ac07f",
"sha256:cea2eacac54f129824530d35469ddd7bff109a94ebcd8408828af8c0dabf5c7a"
],
"index": "pypi",
"version": "==2.0.3"
},
"mypy-extensions": {
"hashes": [
"sha256:090fedd75945a69ae91ce1303b5824f428daf5a028d2f6ab8a299250a846f15d",
"sha256:2d82818f5bb3e369420cb3c4060a7970edba416647068eb4c5343488a6c604a8"
],
"version": "==0.4.3"
},
"packaging": {
"hashes": [
"sha256:2198ec20bd4c017b8f9717e00f0c8714076fc2fd93816750ab48e2c41de2cfd3",
"sha256:957e2148ba0e1a3b282772e791ef1d8083648bc131c8ab0c1feba110ce1146c3"
],
"markers": "python_version >= '3.7'",
"version": "==22.0"
},
"pathspec": {
"hashes": [
"sha256:3c95343af8b756205e2aba76e843ba9520a24dd84f68c22b9f93251507509dd6",
"sha256:56200de4077d9d0791465aa9095a01d421861e405b5096955051deefd697d6f6"
],
"markers": "python_version >= '3.7'",
"version": "==0.10.3"
},
"platformdirs": {
"hashes": [
"sha256:83c8f6d04389165de7c9b6f0c682439697887bca0aa2f1c87ef1826be3584490",
"sha256:e1fea1fe471b9ff8332e229df3cb7de4f53eeea4998d3b6bfff542115e998bd2"
],
"markers": "python_version >= '3.7'",
"version": "==2.6.2"
},
"pluggy": {
"hashes": [
"sha256:4224373bacce55f955a878bf9cfa763c1e360858e330072059e10bad68531159",
"sha256:74134bbf457f031a36d68416e1509f34bd5ccc019f0bcc952c7b909d06b37bd3"
],
"markers": "python_full_version >= '3.6.0'",
"version": "==1.0.0"
},
"pycparser": {
"hashes": [
"sha256:8ee45429555515e1f6b185e78100aea234072576aa43ab53aefcae078162fca9",
"sha256:e644fdec12f7872f86c58ff790da456218b10f863970249516d60a5eaca77206"
],
"version": "==2.21"
},
"pygments": {
"hashes": [
"sha256:b3ed06a9e8ac9a9aae5a6f5dbe78a8a58655d17b43b93c078f094ddc476ae297",
"sha256:fa7bd7bd2771287c0de303af8bfdfc731f51bd2c6a47ab69d117138893b82717"
],
"markers": "python_full_version >= '3.6.0'",
"version": "==2.14.0"
},
"pyrsistent": {
"hashes": [
"sha256:016ad1afadf318eb7911baa24b049909f7f3bb2c5b1ed7b6a8f21db21ea3faa8",
"sha256:1a2994773706bbb4995c31a97bc94f1418314923bd1048c6d964837040376440",
"sha256:20460ac0ea439a3e79caa1dbd560344b64ed75e85d8703943e0b66c2a6150e4a",
"sha256:3311cb4237a341aa52ab8448c27e3a9931e2ee09561ad150ba94e4cfd3fc888c",
"sha256:3a8cb235fa6d3fd7aae6a4f1429bbb1fec1577d978098da1252f0489937786f3",
"sha256:3ab2204234c0ecd8b9368dbd6a53e83c3d4f3cab10ecaf6d0e772f456c442393",
"sha256:42ac0b2f44607eb92ae88609eda931a4f0dfa03038c44c772e07f43e738bcac9",
"sha256:49c32f216c17148695ca0e02a5c521e28a4ee6c5089f97e34fe24163113722da",
"sha256:4b774f9288dda8d425adb6544e5903f1fb6c273ab3128a355c6b972b7df39dcf",
"sha256:4c18264cb84b5e68e7085a43723f9e4c1fd1d935ab240ce02c0324a8e01ccb64",
"sha256:5a474fb80f5e0d6c9394d8db0fc19e90fa540b82ee52dba7d246a7791712f74a",
"sha256:64220c429e42a7150f4bfd280f6f4bb2850f95956bde93c6fda1b70507af6ef3",
"sha256:878433581fc23e906d947a6814336eee031a00e6defba224234169ae3d3d6a98",
"sha256:99abb85579e2165bd8522f0c0138864da97847875ecbd45f3e7e2af569bfc6f2",
"sha256:a2471f3f8693101975b1ff85ffd19bb7ca7dd7c38f8a81701f67d6b4f97b87d8",
"sha256:aeda827381f5e5d65cced3024126529ddc4289d944f75e090572c77ceb19adbf",
"sha256:b735e538f74ec31378f5a1e3886a26d2ca6351106b4dfde376a26fc32a044edc",
"sha256:c147257a92374fde8498491f53ffa8f4822cd70c0d85037e09028e478cababb7",
"sha256:c4db1bd596fefd66b296a3d5d943c94f4fac5bcd13e99bffe2ba6a759d959a28",
"sha256:c74bed51f9b41c48366a286395c67f4e894374306b197e62810e0fdaf2364da2",
"sha256:c9bb60a40a0ab9aba40a59f68214eed5a29c6274c83b2cc206a359c4a89fa41b",
"sha256:cc5d149f31706762c1f8bda2e8c4f8fead6e80312e3692619a75301d3dbb819a",
"sha256:ccf0d6bd208f8111179f0c26fdf84ed7c3891982f2edaeae7422575f47e66b64",
"sha256:e42296a09e83028b3476f7073fcb69ffebac0e66dbbfd1bd847d61f74db30f19",
"sha256:e8f2b814a3dc6225964fa03d8582c6e0b6650d68a232df41e3cc1b66a5d2f8d1",
"sha256:f0774bf48631f3a20471dd7c5989657b639fd2d285b861237ea9e82c36a415a9",
"sha256:f0e7c4b2f77593871e918be000b96c8107da48444d57005b6a6bc61fb4331b2c"
],
"markers": "python_version >= '3.7'",
"version": "==0.19.3"
},
"python-dateutil": {
"hashes": [
"sha256:0123cacc1627ae19ddf3c27a5de5bd67ee4586fbdd6440d9748f8abb483d3e86",
"sha256:961d03dc3453ebbc59dbdea9e4e11c5651520a876d0f4db161e8674aae935da9"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==2.8.2"
},
"python-slugify": {
"hashes": [
"sha256:003aee64f9fd955d111549f96c4b58a3f40b9319383c70fad6277a4974bbf570",
"sha256:7a0f21a39fa6c1c4bf2e5984c9b9ae944483fd10b54804cb0e23a3ccd4954f0b"
],
"markers": "python_version >= '3.7'",
"version": "==7.0.0"
},
"pyyaml": {
"hashes": [
"sha256:01b45c0191e6d66c470b6cf1b9531a771a83c1c4208272ead47a3ae4f2f603bf",
"sha256:0283c35a6a9fbf047493e3a0ce8d79ef5030852c51e9d911a27badfde0605293",
"sha256:055d937d65826939cb044fc8c9b08889e8c743fdc6a32b33e2390f66013e449b",
"sha256:07751360502caac1c067a8132d150cf3d61339af5691fe9e87803040dbc5db57",
"sha256:0b4624f379dab24d3725ffde76559cff63d9ec94e1736b556dacdfebe5ab6d4b",
"sha256:0ce82d761c532fe4ec3f87fc45688bdd3a4c1dc5e0b4a19814b9009a29baefd4",
"sha256:1e4747bc279b4f613a09eb64bba2ba602d8a6664c6ce6396a4d0cd413a50ce07",
"sha256:213c60cd50106436cc818accf5baa1aba61c0189ff610f64f4a3e8c6726218ba",
"sha256:231710d57adfd809ef5d34183b8ed1eeae3f76459c18fb4a0b373ad56bedcdd9",
"sha256:277a0ef2981ca40581a47093e9e2d13b3f1fbbeffae064c1d21bfceba2030287",
"sha256:2cd5df3de48857ed0544b34e2d40e9fac445930039f3cfe4bcc592a1f836d513",
"sha256:40527857252b61eacd1d9af500c3337ba8deb8fc298940291486c465c8b46ec0",
"sha256:432557aa2c09802be39460360ddffd48156e30721f5e8d917f01d31694216782",
"sha256:473f9edb243cb1935ab5a084eb238d842fb8f404ed2193a915d1784b5a6b5fc0",
"sha256:48c346915c114f5fdb3ead70312bd042a953a8ce5c7106d5bfb1a5254e47da92",
"sha256:50602afada6d6cbfad699b0c7bb50d5ccffa7e46a3d738092afddc1f9758427f",
"sha256:68fb519c14306fec9720a2a5b45bc9f0c8d1b9c72adf45c37baedfcd949c35a2",
"sha256:77f396e6ef4c73fdc33a9157446466f1cff553d979bd00ecb64385760c6babdc",
"sha256:81957921f441d50af23654aa6c5e5eaf9b06aba7f0a19c18a538dc7ef291c5a1",
"sha256:819b3830a1543db06c4d4b865e70ded25be52a2e0631ccd2f6a47a2822f2fd7c",
"sha256:897b80890765f037df3403d22bab41627ca8811ae55e9a722fd0392850ec4d86",
"sha256:98c4d36e99714e55cfbaaee6dd5badbc9a1ec339ebfc3b1f52e293aee6bb71a4",
"sha256:9df7ed3b3d2e0ecfe09e14741b857df43adb5a3ddadc919a2d94fbdf78fea53c",
"sha256:9fa600030013c4de8165339db93d182b9431076eb98eb40ee068700c9c813e34",
"sha256:a80a78046a72361de73f8f395f1f1e49f956c6be882eed58505a15f3e430962b",
"sha256:afa17f5bc4d1b10afd4466fd3a44dc0e245382deca5b3c353d8b757f9e3ecb8d",
"sha256:b3d267842bf12586ba6c734f89d1f5b871df0273157918b0ccefa29deb05c21c",
"sha256:b5b9eccad747aabaaffbc6064800670f0c297e52c12754eb1d976c57e4f74dcb",
"sha256:bfaef573a63ba8923503d27530362590ff4f576c626d86a9fed95822a8255fd7",
"sha256:c5687b8d43cf58545ade1fe3e055f70eac7a5a1a0bf42824308d868289a95737",
"sha256:cba8c411ef271aa037d7357a2bc8f9ee8b58b9965831d9e51baf703280dc73d3",
"sha256:d15a181d1ecd0d4270dc32edb46f7cb7733c7c508857278d3d378d14d606db2d",
"sha256:d4b0ba9512519522b118090257be113b9468d804b19d63c71dbcf4a48fa32358",
"sha256:d4db7c7aef085872ef65a8fd7d6d09a14ae91f691dec3e87ee5ee0539d516f53",
"sha256:d4eccecf9adf6fbcc6861a38015c2a64f38b9d94838ac1810a9023a0609e1b78",
"sha256:d67d839ede4ed1b28a4e8909735fc992a923cdb84e618544973d7dfc71540803",
"sha256:daf496c58a8c52083df09b80c860005194014c3698698d1a57cbcfa182142a3a",
"sha256:dbad0e9d368bb989f4515da330b88a057617d16b6a8245084f1b05400f24609f",
"sha256:e61ceaab6f49fb8bdfaa0f92c4b57bcfbea54c09277b1b4f7ac376bfb7a7c174",
"sha256:f84fbc98b019fef2ee9a1cb3ce93e3187a6df0b2538a651bfb890254ba9f90b5"
],
"markers": "python_version >= '3.6'",
"version": "==6.0"
},
"requests": {
"hashes": [
"sha256:7c5599b102feddaa661c826c56ab4fee28bfd17f5abca1ebbe3e7f19d7c97983",
"sha256:8fefa2a1a1365bf5520aac41836fbee479da67864514bdb821f31ce07ce65349"
],
"markers": "python_version >= '3.7' and python_version < '4'",
"version": "==2.28.1"
},
"resolvelib": {
"hashes": [
"sha256:c6ea56732e9fb6fca1b2acc2ccc68a0b6b8c566d8f3e78e0443310ede61dbd37",
"sha256:d9b7907f055c3b3a2cfc56c914ffd940122915826ff5fb5b1de0c99778f4de98"
],
"version": "==0.8.1"
},
"rich": {
"hashes": [
"sha256:12b1d77ee7edf251b741531323f0d990f5f570a4e7c054d0bfb59fb7981ad977",
"sha256:3aa9eba7219b8c575c6494446a59f702552efe1aa261e7eeb95548fa586e1950"
],
"markers": "python_version >= '3.7'",
"version": "==13.0.0"
},
"ruamel.yaml": {
"hashes": [
"sha256:742b35d3d665023981bd6d16b3d24248ce5df75fdb4e2924e93a05c1f8b61ca7",
"sha256:8b7ce697a2f212752a35c1ac414471dc16c424c9573be4926b56ff3f5d23b7af"
],
"markers": "python_version >= '3'",
"version": "==0.17.21"
},
"ruamel.yaml.clib": {
"hashes": [
"sha256:045e0626baf1c52e5527bd5db361bc83180faaba2ff586e763d3d5982a876a9e",
"sha256:15910ef4f3e537eea7fe45f8a5d19997479940d9196f357152a09031c5be59f3",
"sha256:184faeaec61dbaa3cace407cffc5819f7b977e75360e8d5ca19461cd851a5fc5",
"sha256:1f08fd5a2bea9c4180db71678e850b995d2a5f4537be0e94557668cf0f5f9497",
"sha256:2aa261c29a5545adfef9296b7e33941f46aa5bbd21164228e833412af4c9c75f",
"sha256:3110a99e0f94a4a3470ff67fc20d3f96c25b13d24c6980ff841e82bafe827cac",
"sha256:3243f48ecd450eddadc2d11b5feb08aca941b5cd98c9b1db14b2fd128be8c697",
"sha256:370445fd795706fd291ab00c9df38a0caed0f17a6fb46b0f607668ecb16ce763",
"sha256:40d030e2329ce5286d6b231b8726959ebbe0404c92f0a578c0e2482182e38282",
"sha256:41d0f1fa4c6830176eef5b276af04c89320ea616655d01327d5ce65e50575c94",
"sha256:4a4d8d417868d68b979076a9be6a38c676eca060785abaa6709c7b31593c35d1",
"sha256:4b3a93bb9bc662fc1f99c5c3ea8e623d8b23ad22f861eb6fce9377ac07ad6072",
"sha256:5bc0667c1eb8f83a3752b71b9c4ba55ef7c7058ae57022dd9b29065186a113d9",
"sha256:721bc4ba4525f53f6a611ec0967bdcee61b31df5a56801281027a3a6d1c2daf5",
"sha256:763d65baa3b952479c4e972669f679fe490eee058d5aa85da483ebae2009d231",
"sha256:7bdb4c06b063f6fd55e472e201317a3bb6cdeeee5d5a38512ea5c01e1acbdd93",
"sha256:8831a2cedcd0f0927f788c5bdf6567d9dc9cc235646a434986a852af1cb54b4b",
"sha256:91a789b4aa0097b78c93e3dc4b40040ba55bef518f84a40d4442f713b4094acb",
"sha256:92460ce908546ab69770b2e576e4f99fbb4ce6ab4b245345a3869a0a0410488f",
"sha256:99e77daab5d13a48a4054803d052ff40780278240a902b880dd37a51ba01a307",
"sha256:a234a20ae07e8469da311e182e70ef6b199d0fbeb6c6cc2901204dd87fb867e8",
"sha256:a7b301ff08055d73223058b5c46c55638917f04d21577c95e00e0c4d79201a6b",
"sha256:be2a7ad8fd8f7442b24323d24ba0b56c51219513cfa45b9ada3b87b76c374d4b",
"sha256:bf9a6bc4a0221538b1a7de3ed7bca4c93c02346853f44e1cd764be0023cd3640",
"sha256:c3ca1fbba4ae962521e5eb66d72998b51f0f4d0f608d3c0347a48e1af262efa7",
"sha256:d000f258cf42fec2b1bbf2863c61d7b8918d31ffee905da62dede869254d3b8a",
"sha256:d5859983f26d8cd7bb5c287ef452e8aacc86501487634573d260968f753e1d71",
"sha256:d5e51e2901ec2366b79f16c2299a03e74ba4531ddcfacc1416639c557aef0ad8",
"sha256:debc87a9516b237d0466a711b18b6ebeb17ba9f391eb7f91c649c5c4ec5006c7",
"sha256:df5828871e6648db72d1c19b4bd24819b80a755c4541d3409f0f7acd0f335c80",
"sha256:ecdf1a604009bd35c674b9225a8fa609e0282d9b896c03dd441a91e5f53b534e",
"sha256:efa08d63ef03d079dcae1dfe334f6c8847ba8b645d08df286358b1f5293d24ab",
"sha256:f01da5790e95815eb5a8a138508c01c758e5f5bc0ce4286c4f7028b8dd7ac3d0",
"sha256:f34019dced51047d6f70cb9383b2ae2853b7fc4dce65129a5acd49f4f9256646"
],
"markers": "python_version < '3.11' and platform_python_implementation == 'CPython'",
"version": "==0.2.7"
},
"selinux": {
"hashes": [
"sha256:2a88b337ac46ad0f06f557b2806c3df62421972f766673dd8bf26732fb75a9ea",
"sha256:ecf7add45c939e9dda682c390a2cd0a845c94a4793a2cce9e8870d4ee9501f99"
],
"markers": "sys_platform == 'linux'",
"version": "==0.3.0"
},
"setuptools": {
"hashes": [
"sha256:57f6f22bde4e042978bcd50176fdb381d7c21a9efa4041202288d3737a0c6a54",
"sha256:a7620757bf984b58deaf32fc8a4577a9bbc0850cf92c20e1ce41c38c19e5fb75"
],
"markers": "python_version >= '3.7'",
"version": "==65.6.3"
},
"six": {
"hashes": [
"sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926",
"sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==1.16.0"
},
"subprocess-tee": {
"hashes": [
"sha256:b3c124993f8b88d1eb1c2fde0bc2069787eac720ba88771cba17e8c93324825d",
"sha256:eca56973a1c1237093c2055b2731bcaab784683b83f22c76f26e4c5763402e28"
],
"markers": "python_version >= '3.8'",
"version": "==0.4.1"
},
"text-unidecode": {
"hashes": [
"sha256:1311f10e8b895935241623731c2ba64f4c455287888b18189350b67134a822e8",
"sha256:bad6603bb14d279193107714b288be206cac565dfa49aa5b105294dd5c4aab93"
],
"version": "==1.3"
},
"tomli": {
"hashes": [
"sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc",
"sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f"
],
"markers": "python_full_version < '3.11.0a7'",
"version": "==2.0.1"
},
"urllib3": {
"hashes": [
"sha256:47cc05d99aaa09c9e72ed5809b60e7ba354e64b59c9c173ac3018642d8bb41fc",
"sha256:c083dd0dce68dbfbe1129d5271cb90f9447dea7d52097c6e0126120c521ddea8"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'",
"version": "==1.26.13"
},
"wcmatch": {
"hashes": [
"sha256:3476cd107aba7b25ba1d59406938a47dc7eec6cfd0ad09ff77193f21a964dee7",
"sha256:b1f042a899ea4c458b7321da1b5e3331e3e0ec781583434de1301946ceadb943"
],
"markers": "python_version >= '3.7'",
"version": "==8.4.1"
},
"yamllint": {
"hashes": [
"sha256:89bb5b5ac33b1ade059743cf227de73daa34d5e5a474b06a5e17fc16583b0cf2",
"sha256:9e3d8ddd16d0583214c5fdffe806c9344086721f107435f68bad990e5a88826b"
],
"index": "pypi",
"version": "==1.28.0"
}
}
}

237
roles/hifis-net.unattended_upgrades/README.md Normal file
View File

@ -0,0 +1,237 @@
# Unattended-Upgrades Role for Ansible
[![CI status](https://github.com/hifis-net/ansible-role-unattended-upgrades/actions/workflows/ci.yml/badge.svg)](https://github.com/hifis-net/ansible-role-unattended-upgrades/actions/workflows/ci.yml)
[![Ansible Role: hifis.unattended_upgrades](https://img.shields.io/ansible/role/59313)](https://galaxy.ansible.com/hifis/unattended_upgrades)
[![Ansible Quality Score](https://img.shields.io/ansible/quality/59313)](https://galaxy.ansible.com/hifis/unattended_upgrades)
[![Ansible Role Downloads](https://img.shields.io/ansible/role/d/59313)](https://galaxy.ansible.com/hifis/unattended_upgrades)
[![Latest release](https://img.shields.io/github/v/release/hifis-net/ansible-role-unattended-upgrades)](https://github.com/hifis-net/ansible-role-unattended-upgrades/releases)
Install and setup [unattended-upgrades](https://launchpad.net/unattended-upgrades) for Ubuntu and Debian, to periodically install security upgrades.
### Notes
1. If you have used version `0.0.1` of the role, you can delete the file `/etc/apt/apt.conf.d/10periodic` as it is not needed anymore. You can use the following one-shot command:
* `ansible -m file -a "state=absent path=/etc/apt/apt.conf.d/10periodic" <host-pattern>`
1. If you have used this role before version `2.0.0`, the files `20auto-upgrades` and `50unattended-upgrades` will differ from the system defaults (instead of configuration being placed in a separate file, as we do now). These can be left as-is as they will be overridden. During OS upgrades, when asked if these files should be overwritten by the maintainer's package, say yes. They will then be reset to their default states, and you won't be asked these questions again.
## Requirements
The role uses [apt module](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/apt_module.html) which has additional dependencies.
If you set `unattended_mail` to an e-mail address, make sure `mailx` command is available and your system is able to send e-mails.
The role requires unattended-upgrades version 0.70 and newer, which is available since Debian Wheezy and Ubuntu 12.04 respectively. This is due to [Origins Patterns](#origins-patterns) usage; if this is not available on your system, you may use [the first version of the role](https://github.com/hifis-net/ansible-role-unattended-upgrades/tree/v0.1).
### Automatic Reboot
If you enable automatic reboot feature (`unattended_automatic_reboot`), the role will attempt to install `update-notifier-common` package, which is required on some systems for detecting and executing reboot after the upgrade. You may optionally define a specific time for rebooting (`unattended_automatic_reboot_time`).
This feature was broken in Debian Jessie, but eventually was rolled into the unattended-upgrades package; see [the discussion in #6](https://github.com/jnv/ansible-role-unattended-upgrades/issues/6) for more details.
## Disabled Cron Jobs
On some hosts you may find that the unattended-upgrade's cron file `/etc/cron.daily/apt` file has been renamed to `apt.disabled`. This is possibly provider's decision, to save some CPU cycles. Use [enable-standard-cronjobs](https://github.com/Yannik/ansible-role-enable-standard-cronjobs) role to re-enable unattended-upgrades. See also discussion in [#9](https://github.com/jnv/ansible-role-unattended-upgrades/issues/9).
## Role Variables
* `unattended_cache_valid_time`:
* Default: `3600`
* Description: Update the apt cache if it's older than the given time in seconds; passed to the [apt module](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/apt_module.html) during package installation.
* `unattended_origins_patterns`:
* Default:
* Debian: `['origin=Debian,codename=${distro_codename},label=Debian-Security']`
* Ubuntu: `['origin=Ubuntu,archive=${distro_codename}-security,label=Ubuntu']`
* Description: Array of origins patterns to determine whether the package can be automatically installed, for more details see [Origins Patterns](#origins-patterns) below.
* `unattended_package_blacklist`:
* Default: `[]`
* Description: Packages which won't be automatically upgraded.
* `unattended_autofix_interrupted_dpkg`:
* Default: `true`
* Description: Whether on unclean dpkg exit to run `dpkg --force-confold --configure -a`.
* `unattended_minimal_steps`:
* Default: `true`
* Description: Split the upgrade into the smallest possible chunks so that they can be interrupted with SIGUSR1.
* `unattended_install_on_shutdown`:
* Default: `false`
* Description: Install all unattended-upgrades when the machine is shutting down.
* `unattended_mail`:
* Default: `false` (don't send any e-mail)
* Description: E-mail address to send information about upgrades or problems with unattended upgrades.
* `unattended_mail_only_on_error`:
* Default: `false`
* Description: Send e-mail only on errors, otherwise e-mail will be sent every time there's a package upgrade.
* `unattended_mail_report`:
* Default: `false`
* Description: Choose on what event to send an email. Possible values are "always", "only-on-error" or "on-change".
* `unattended_remove_unused_dependencies`:
* Default: `false`
* Description: Do automatic removal of all unused dependencies after the upgrade.
* `unattended_remove_new_unused_dependencies`:
* Default: `true`
* Description: Do automatic removal of new unused dependencies after the upgrade.
* `unattended_remove_unused_kernel_packages`:
* Default: `false`
* Description: Remove unused automatically installed kernel-related packages (kernel images, kernel headers and kernel version locked tools)
* `unattended_automatic_reboot`:
* Default: `false`
* Description: Automatically reboot system if any upgraded package requires it, immediately after the upgrade.
* `unattended_automatic_reboot_time`:
* Default: `false`
* Description: Automatically reboot system if any upgraded package requires it, at the specific time (_HH:MM_) instead of immediately after the upgrade.
* `unattended_update_days`:
* Default: `None`
* Description: Set the days of the week that updates should be applied. The days can be specified as localized abbreviated or full names. Or as integers where "0" is Sunday, "1" is Monday etc. Example: `{"Mon";"Fri"};`
* `unattended_ignore_apps_require_restart`:
* Default: `false`
* Description: Unattended-upgrades won't automatically upgrade some critical packages requiring restart after an upgrade (i.e. there is `XB-Upgrade-Requires: app-restart` directive in their debian/control file). With this option set to `true`, unattended-upgrades will upgrade these packages regardless of the directive.
* `unattended_syslog_enable`:
* Default: `false`
* Description: Write events to syslog, which is useful in environments where syslog messages are sent to a central store.
* `unattended_syslog_facility`:
* Default: `None`
* Description: Write events to the specified syslog facility, or the daemon facility if not specified. Will only have affect if `unattended_syslog_enable` is set to `true`.
* `unattended_verbose`:
* Default: `0` (no report)
* Description: Define verbosity level of APT for periodic runs. The output will be sent to root.
* Possible options:
* `0`: no report
* `1`: progress report
* `2`: + command outputs
* `3`: + trace on
* `unattended_update_package_list`:
* Default: `1`
* Description: Do "apt-get update" automatically every n-days (0=disable).
* `unattended_download_upgradeable`:
* Default: `0`
* Description: Do "apt-get upgrade --download-only" every n-days (0=disable).
* `unattended_autoclean_interval`:
* Default: `7`
* Description: Do "apt-get autoclean" every n-days (0=disable).
* `unattended_clean_interval`:
* Default: `0`
* Description: Do "apt-get clean" every n-days (0=disable).
* `unattended_random_sleep`:
* Default: `1800` (30 minutes)
* Description: Define maximum for a random interval in seconds after which the apt job starts (only for systems without systemd).
* `unattended_dpkg_options`:
* Default: `[]`
* Description: Array of dpkg command-line options used during unattended-upgrades runs, e.g. `["--force-confdef"]`, `["--force-confold"]`.
* `unattended_dl_limit`:
* Default: `None`
* Description: Limit the download speed in kb/sec using apt bandwidth limit feature.
* `unattended_only_on_ac_power`:
* Default: `false`
* Description: Download and install upgrades only on AC power. It will also install the debian package `powermgmt-base`.
## Origins Patterns
Origins Pattern is a more powerful alternative to the Allowed Origins option used in previous versions of unattended-upgrade.
Pattern is composed of specific keywords:
* `a`,`archive`,`suite` e.g. `stable`, `trusty-security` (`archive=stable`)
* `c`,`component` e.g. `main`, `crontrib`, `non-free` (`component=main`)
* `l`,`label` e.g. `Debian`, `Debian-Security`, `Ubuntu`
* `o`,`origin` e.g. `Debian`, `Unofficial Multimedia Packages`, `Ubuntu`
* `n`,`codename` e.g. `jessie`, `jessie-updates`, `trusty` (this is only supported with `unattended-upgrades` >= 0.80)
* `site` e.g. `http.debian.net`
You can review the available repositories using `apt-cache policy` and debug your choice using `unattended-upgrades -d` command on a target system.
Additionally, unattended-upgrades support two macros (variables), derived from `/etc/debian_version`:
* `${distro_id}` Installed distribution name, e.g. `Debian` or `Ubuntu`.
* `${distro_codename}` Installed codename, e.g. `bullseye` or `jammy`.
Using `${distro_codename}` should be preferred over using `stable` or `oldstable` as a selected, as once `stable` moves to `oldstable`, no security updates will be installed at all, or worse, package from a newer distro release will be installed by accident. The same goes for upgrading your installation from `oldstable` to `stable`, if you forget to change this in your origin patterns, you may not receive the security updates for your newer distro release. With `${distro_codename}`, both cases can never happen.
## Role Usage Examples
Example for Ubuntu, with custom [origins patterns](#patterns-examples), blacklisted packages and e-mail notification:
```yaml
- hosts: all
roles:
- role: hifis.unattended_upgrades
unattended_origins_patterns:
- 'origin=Ubuntu,archive=${distro_codename}-security'
- 'o=Ubuntu,a=${distro_codename}-updates'
unattended_package_blacklist: [cowsay, vim]
unattended_mail: 'root@example.com'
```
_Note:_ You don't need to specify `unattended_origins_patterns`, the role will use distribution's default if the variable is not set.
### Running Only on Debian-based Systems
If you manage multiple distribution with the same playbook, you may want to skip running this role on non-Debian systems. You can [use `when` conditional with role](https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html#conditionals-with-roles) to limit the role to particular systems:
```yaml
- hosts: all
roles:
- role: hifis.unattended_upgrades
when: ansible_facts['os_family'] == 'Debian'
```
See [#38](https://github.com/jnv/ansible-role-unattended-upgrades/pull/38) for discussion.
### Patterns Examples
By default, only security updates are allowed for both Ubuntu and Debian. You can add more patterns to allow unattended-updates install more packages automatically, however be aware that automated major updates may potentially break your system.
#### For Debian
```yaml
unattended_origins_patterns:
- 'origin=Debian,codename=${distro_codename},label=Debian-Security' # security updates
- 'o=Debian,codename=${distro_codename},label=Debian' # updates including non-security updates
- 'o=Debian,codename=${distro_codename},a=proposed-updates'
```
#### For Ubuntu
In Ubuntu, archive always contains the distribution codename
```yaml
unattended_origins_patterns:
- 'origin=Ubuntu,archive=${distro_codename}-security'
- 'o=Ubuntu,a=${distro_codename}'
- 'o=Ubuntu,a=${distro_codename}-updates'
- 'o=Ubuntu,a=${distro_codename}-proposed-updates'
```
#### For Raspbian
In Raspbian, it is only possible to update all packages from the default repository, including non-security updates, or updating none.
Updating all, including non-security:
```yaml
unattended_origins_patterns:
- 'origin=Raspbian,codename=${distro_codename},label=Raspbian'
```
To not install any updates on a raspbian host, just set `unattended_origins_patterns` to an empty list:
```
unattended_origins_patterns: []
```
## License
GPL-2.0-or-later
## Author
This role is maintained by [HIFIS Software Services](https://www.hifis.net/)
and was originally forked from [jnv/ansible-role-unattended-upgrades](https://github.com/jnv/ansible-role-unattended-upgrades),
created by [Jan Vlnas](https://github.com/jnv).
## Contributors
We would like to thank and give credits to the following contributors of this
project:
* [alpha0010](https://github.com/alpha0010)
* [gcotelli](https://github.com/gcotelli)
* [lukashass](https://github.com/lukashass)
* [nono-lqdn](https://github.com/nono-lqdn)

17
roles/jnv.unattended_upgrades/defaults/main.yml → roles/hifis-net.unattended_upgrades/defaults/main.yml
View File

@ -47,6 +47,13 @@ unattended_mail: false
# is to always send a mail if Unattended-Upgrade::Mail is set
unattended_mail_only_on_error: false
#Unattended-Upgrade::MailReport
# Set this value to one of:
# "always", "only-on-error" or "on-change"
# If this is not set, then any legacy MailOnlyOnError (boolean) value
# is used to chose between "only-on-error" and "on-change"
unattended_mail_report: false
#Unattended-Upgrade::Remove-Unused-Dependencies
# Do automatic removal of all unused dependencies after the upgrade
# (equivalent to apt-get autoremove)
@ -56,6 +63,11 @@ unattended_remove_unused_dependencies: false
# Remove any new unused dependencies after the upgrade
unattended_remove_new_unused_dependencies: true
#Unattended-Upgrade::Remove-Unused-Kernel-Packages
# Remove unused automatically installed kernel-related packages
# (kernel images, kernel headers and kernel version locked tools)
unattended_remove_unused_kernel_packages: false
#Unattended-Upgrade::Automatic-Reboot
# Automatically reboot *WITHOUT CONFIRMATION* if a
# the file /var/run/reboot-required is found after the upgrade
@ -135,3 +147,8 @@ unattended_dpkg_options: []
# Use apt bandwidth limit feature, this example limits the download speed to 70kb/sec
#unattended_dl_limit: 70
# Unattended-Upgrade::OnlyOnACPower
# Download and install upgrades only on AC power
# (i.e. skip or gracefully stop updates on battery)
unattended_only_on_ac_power: false

0
roles/jnv.unattended_upgrades/handlers/main.yml → roles/hifis-net.unattended_upgrades/handlers/main.yml
View File

23
roles/hifis-net.unattended_upgrades/meta/main.yml Normal file
View File

@ -0,0 +1,23 @@
---
galaxy_info:
standalone: true
role_name: "unattended_upgrades"
author: "hifis"
description: "Setup unattended-upgrades on Debian-based systems"
license: "GPLv2"
min_ansible_version: "2.12"
platforms:
- name: "Ubuntu"
versions:
- "jammy"
- "focal"
- "bionic"
- name: "Debian"
versions:
- "buster"
- "bullseye"
galaxy_tags:
- "system"
dependencies: []

10
roles/hifis-net.unattended_upgrades/molecule/default/converge.yml Normal file
View File

@ -0,0 +1,10 @@
---
# Play to create and provision instance.
- name: "Converge"
hosts: "all"
tasks:
- name: "Include unattended_upgrades role"
ansible.builtin.include_role:
name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
...

55
roles/hifis-net.unattended_upgrades/molecule/default/molecule.yml Normal file
View File

@ -0,0 +1,55 @@
---
dependency:
name: "galaxy"
driver:
name: "podman"
platforms:
- name: "instance"
image: "${MOLECULE_IMAGE:-ghcr.io/hifis-net/ubuntu-systemd:22.04}"
pre_build_image: true
privileged: true
override_command: false
systemd: true
tty: true
lint: |
set -e &&
yamllint --strict --format colored . &&
ansible-lint -v --force-color --offline --exclude .pipenv/ . ./molecule
provisioner:
name: "ansible"
inventory:
hosts:
all:
vars:
unattended_autofix_interrupted_dpkg: false
unattended_minimal_steps: true
unattended_install_on_shutdown: true
unattended_automatic_reboot: true
unattended_update_days: '{"Sat"}'
unattended_remove_unused_kernel_packages: true
unattended_only_on_ac_power: true
playbooks:
prepare: "prepare.yml"
check: "converge.yml"
converge: "converge.yml"
verify: "verify.yml"
verifier:
name: "ansible"
scenario:
name: "default"
test_sequence:
- "lint"
- "destroy"
- "dependency"
- "syntax"
- "create"
- "prepare"
- "check"
- "converge"
- "idempotence"
- "check"
- "side_effect"
- "verify"
- "destroy"
...

11
roles/hifis-net.unattended_upgrades/molecule/default/prepare.yml Normal file
View File

@ -0,0 +1,11 @@
---
# Play to install dependencies.
- name: "Prepare"
hosts: "all"
tasks:
- name: "Install dependencies"
ansible.builtin.apt:
update_cache: "yes"
force_apt_get: "yes"
...

32
roles/hifis-net.unattended_upgrades/molecule/default/verify.yml Normal file
View File

@ -0,0 +1,32 @@
---
- name: "Verify unattended upgrades installation"
hosts: "all"
tasks:
- name: "Get apt-config variables"
ansible.builtin.command: "apt-config dump"
register: "aptconfig"
changed_when: false
- name: "Check for registered variables"
ansible.builtin.assert:
that: "item in aptconfig.stdout"
with_items:
- 'APT::Periodic::Unattended-Upgrade "1"'
- 'Unattended-Upgrade::AutoFixInterruptedDpkg "false"'
- 'Unattended-Upgrade::MinimalSteps "true"'
- 'Unattended-Upgrade::InstallOnShutdown "true"'
- 'Unattended-Upgrade::Automatic-Reboot "true"'
# NOTE: this uses the array syntax, which requires one
# top-level record, then one item per line
- 'Unattended-Upgrade::Update-Days "";'
- 'Unattended-Upgrade::Update-Days:: "Sat";'
- 'Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";'
- 'Unattended-Upgrade::OnlyOnACPower "true";'
- name: "Dry run unattended-upgrades"
ansible.builtin.command: "/usr/bin/unattended-upgrades --dry-run"
register: "dry_run"
failed_when: "dry_run.rc != 0"
changed_when: false
...

4
roles/hifis-net.unattended_upgrades/tasks/main.yml Normal file
View File

@ -0,0 +1,4 @@
---
- name: "Import tasks from the unattended-upgrades playbook"
ansible.builtin.import_tasks: "unattended-upgrades.yml"
tags: "unattended"

10
roles/jnv.unattended_upgrades/tasks/reboot.yml → roles/hifis-net.unattended_upgrades/tasks/reboot.yml
View File

@ -1,9 +1,9 @@
---
# Ignored, since newer distros don't need this package
# https://github.com/jnv/ansible-role-unattended-upgrades/issues/6
- name: install update-notifier-common
apt:
pkg: update-notifier-common
state: present
- name: "Install update-notifier-common"
ansible.builtin.apt:
name: "update-notifier-common"
state: "present"
force_apt_get: "yes"
failed_when: false

38
roles/hifis-net.unattended_upgrades/tasks/unattended-upgrades.yml Normal file
View File

@ -0,0 +1,38 @@
---
- name: "Add distribution-specific variables"
ansible.builtin.include_vars: "{{ ansible_distribution }}.yml"
- name: "Add Debian Bullseye workaround"
ansible.builtin.include_vars: "{{ ansible_distribution }}-{{ ansible_distribution_release }}.yml"
when:
- "ansible_distribution == 'Debian'"
- "ansible_distribution_release == 'bullseye'"
- name: "Install powermgmt-base"
ansible.builtin.apt:
name: "powermgmt-base"
state: "present"
cache_valid_time: "{{ unattended_cache_valid_time }}"
update_cache: "yes"
force_apt_get: "yes"
when: "unattended_only_on_ac_power"
- name: "Install unattended-upgrades"
ansible.builtin.apt:
name: "unattended-upgrades"
state: "present"
cache_valid_time: "{{ unattended_cache_valid_time }}"
update_cache: "yes"
force_apt_get: "yes"
- name: "Install reboot dependencies"
ansible.builtin.import_tasks: "reboot.yml"
when: "unattended_automatic_reboot | bool"
- name: "Create Apt auto-upgrades & unattended-upgrades configuration"
ansible.builtin.template:
src: "unattended-upgrades.j2"
dest: "/etc/apt/apt.conf.d/90-ansible-unattended-upgrades"
owner: "root"
group: "root"
mode: "0644"

53
roles/jnv.unattended_upgrades/templates/unattended-upgrades.j2 → roles/hifis-net.unattended_upgrades/templates/unattended-upgrades.j2
View File

@ -1,11 +1,42 @@
// {{ ansible_managed }}
{{ ansible_managed | comment('c') }}
// Overrides for `20auto-upgrades`. //////////////////////////////////////////
APT::Periodic::Unattended-Upgrade "1";
{% if unattended_update_package_list is defined %}
APT::Periodic::Update-Package-Lists "{{unattended_update_package_list}}";
{% endif %}
{% if unattended_download_upgradeable is defined %}
APT::Periodic::Download-Upgradeable-Packages "{{unattended_download_upgradeable}}";
{% endif %}
{% if unattended_autoclean_interval is defined %}
APT::Periodic::AutocleanInterval "{{unattended_autoclean_interval}}";
{% endif %}
{% if unattended_clean_interval is defined %}
APT::Periodic::CleanInterval "{{unattended_clean_interval}}";
{% endif %}
{% if unattended_verbose is defined %}
APT::Periodic::Verbose "{{unattended_verbose}}";
{% endif %}
{% if unattended_random_sleep is defined %}
APT::Periodic::RandomSleep "{{unattended_random_sleep}}";
{% endif %}
// Overrides for `50unattended-upgrades`. ////////////////////////////////////
// Unattended-Upgrade::Origins-Pattern controls which packages are
// upgraded.
Unattended-Upgrade::Origins-Pattern {
{% if unattended_origins_patterns is defined %}
{% for origin in unattended_origins_patterns %}
"{{ origin }}";
"{{ origin }}";
{% endfor %}
{% else %}
{% for origin in __unattended_origins_patterns %}
@ -56,6 +87,14 @@ Unattended-Upgrade::Mail "{{unattended_mail}}";
Unattended-Upgrade::MailOnlyOnError "true";
{% endif %}
{% if unattended_mail_report %}
// Set this value to one of:
// "always", "only-on-error" or "on-change"
// If this is not set, then any legacy MailOnlyOnError (boolean) value
// is used to chose between "only-on-error" and "on-change"
Unattended-Upgrade::MailReport "{{ unattended_mail_report }}";
{% endif %}
{% if unattended_remove_unused_dependencies %}
// Do automatic removal of all unused dependencies after the upgrade
// (equivalent to apt-get autoremove)
@ -67,6 +106,12 @@ Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Remove-New-Unused-Dependencies "false";
{% endif %}
{% if unattended_remove_unused_kernel_packages %}
// Remove unused automatically installed kernel-related packages
// (kernel images, kernel headers and kernel version locked tools).
Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";
{% endif %}
{% if unattended_automatic_reboot %}
// Automatically reboot *WITHOUT CONFIRMATION* if a
// the file /var/run/reboot-required is found after the upgrade
@ -121,3 +166,7 @@ Dpkg::Options {
// speed to 70kb/sec
Acquire::http::Dl-Limit "{{ unattended_dl_limit }}";
{% endif %}
// Download and install upgrades only on AC power
// (i.e. skip or gracefully stop updates on battery)
Unattended-Upgrade::OnlyOnACPower "{{ unattended_only_on_ac_power | to_json }}";

0
roles/jnv.unattended_upgrades/tests/ansible.cfg → roles/hifis-net.unattended_upgrades/tests/ansible.cfg
View File

0
roles/jnv.unattended_upgrades/tests/inventory → roles/hifis-net.unattended_upgrades/tests/inventory
View File

3
roles/hifis-net.unattended_upgrades/tests/requirements.yml Normal file
View File

@ -0,0 +1,3 @@
---
- src: "chrismeyersfsu.provision_docker"
name: "provision_docker"

0
roles/jnv.unattended_upgrades/tests/test.sh → roles/hifis-net.unattended_upgrades/tests/test.sh
View File

62
roles/jnv.unattended_upgrades/tests/test.yml → roles/hifis-net.unattended_upgrades/tests/test.yml
View File

@ -1,39 +1,39 @@
---
- name: Bring up Docker containers
hosts: localhost
- name: "Bring up Docker containers"
hosts: "localhost"
gather_facts: false
vars:
inventory:
- name: ubuntu_latest
- name: "ubuntu_latest"
image: "ubuntu:latest"
- name: ubuntu_bionic
- name: "ubuntu_bionic"
image: "ubuntu:bionic"
- name: ubuntu_xenial
- name: "ubuntu_xenial"
image: "ubuntu:xenial"
- name: ubuntu_trusty
- name: "ubuntu_trusty"
image: "ubuntu:trusty"
# 6/2020: Disabled Debian Testing due to missing python packages (python-apt)
#- name: debian_testing
# image: "debian:testing"
- name: debian_stable
- name: "debian_stable"
image: "debian:stable"
- name: debian_oldstable
- name: "debian_oldstable"
image: "debian:oldstable"
roles:
- role: provision_docker
- role: "provision_docker"
provision_docker_inventory: "{{ inventory }}"
provision_docker_privileged: true
provision_docker_use_docker_connection: true
- name: Test role
hosts: docker_containers
- name: "Test role"
hosts: "docker_containers"
gather_facts: false
pre_tasks:
- name: Provision Python
raw: bash -c "test -e /usr/bin/python || (apt-get -y update && apt-get install -y python)"
register: output
changed_when: output.stdout
- name: Gather facts
- name: "Provision Python"
raw: 'bash -c "test -e /usr/bin/python || (apt-get -y update && apt-get install -y python)"'
register: "output"
changed_when: "output.stdout"
- name: "Gather facts"
setup:
vars:
unattended_autofix_interrupted_dpkg: false
@ -43,24 +43,24 @@
unattended_update_days: '{"Sat"}'
roles:
# Searched for in ../.. (see ansible.cfg)
- ansible-role-unattended-upgrades
- "ansible-role-unattended-upgrades"
tasks:
- name: Idempotency check
- name: "Idempotency check"
include_role:
name: ansible-role-unattended-upgrades
register: idempotency
- name: fail when idempotency.changed
name: "ansible-role-unattended-upgrades"
register: "idempotency"
- name: "fail when idempotency.changed"
fail:
msg: Role failed idempotency check
when: idempotency.changed
msg: "Role failed idempotency check"
when: "idempotency.changed"
- name: Get apt-config variables
command: apt-config dump
register: aptconfig
- name: "Get apt-config variables"
command: "apt-config dump"
register: "aptconfig"
changed_when: false
- name: Check for registered variables
- name: "Check for registered variables"
assert:
that: item in aptconfig.stdout
that: "item in aptconfig.stdout"
with_items:
- 'APT::Periodic::Unattended-Upgrade "1"'
- 'Unattended-Upgrade::AutoFixInterruptedDpkg "false"'
@ -72,6 +72,6 @@
- 'Unattended-Upgrade::Update-Days "";'
- 'Unattended-Upgrade::Update-Days:: "Sat";'
- name: Dry run unattended-upgrades
command: /usr/bin/unattended-upgrades --dry-run
changed_when: idempotency.changed|bool
- name: "Dry run unattended-upgrades"
command: "/usr/bin/unattended-upgrades --dry-run"
changed_when: "idempotency.changed | bool"

9
roles/hifis-net.unattended_upgrades/vars/Debian-bullseye.yml Normal file
View File

@ -0,0 +1,9 @@
---
# From https://metadata.ftp-master.debian.org/changelogs//main/u/unattended-upgrades/unattended-upgrades_2.8_changelog
# Allow both ${distro_codename} or ${distro_codename}-security on Debian
# as security update codenames. The latter will be used starting with
# Bullseye, but to help backporting and testing the configuration file keeps
# working on Buster and older releases. (Closes: #933138)
__unattended_origins_patterns:
- 'origin=Debian,codename=${distro_codename},label=Debian-Security'
- 'origin=Debian,codename=${distro_codename}-security,label=Debian-Security'

0
roles/jnv.unattended_upgrades/vars/Debian.yml → roles/hifis-net.unattended_upgrades/vars/Debian.yml
View File

0
roles/jnv.unattended_upgrades/vars/Ubuntu.yml → roles/hifis-net.unattended_upgrades/vars/Ubuntu.yml
View File

2
roles/jnv.unattended_upgrades/.ansible-lint
View File

@ -1,2 +0,0 @@
skip_list:
- '503'

17
roles/jnv.unattended_upgrades/.github/workflows/ansible-linting-check.yml vendored
View File

@ -1,17 +0,0 @@
name: Ansible Lint check
# visit https://github.com/marketplace/actions/ansible-lint for infos
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Lint Ansible Playbook
uses: ansible/ansible-lint-action@master
with:
targets: "."

16
roles/jnv.unattended_upgrades/.travis.yml
View File

@ -1,16 +0,0 @@
sudo: required
language: python
services: docker
cache: pip
install:
- pip install ansible docker
- ansible-galaxy install -r tests/requirements.yml -p tests/roles/
script:
- ansible --version
- tests/test.sh
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

199
roles/jnv.unattended_upgrades/README.md
View File

@ -1,199 +0,0 @@
# Unattended-Upgrades Role for Ansible
[![Build Status of branch master](https://img.shields.io/travis/jnv/ansible-role-unattended-upgrades/master.svg?style=flat-square)](https://travis-ci.org/jnv/ansible-role-unattended-upgrades)
[![Ansible Role: jnv.unattended-upgrades](https://img.shields.io/ansible/role/8068.svg?style=flat-square)](https://galaxy.ansible.com/jnv/unattended-upgrades/)
Install and setup [unattended-upgrades](https://launchpad.net/unattended-upgrades) for Ubuntu and Debian (since Wheezy), to periodically install security upgrades.
**NOTE:** If you have used version 0.0.1 of the role, you can delete the file `/etc/apt/apt.conf.d/10periodic` as it is not needed anymore. You can use the following one-shot command:
ansible -m file -a "state=absent path=/etc/apt/apt.conf.d/10periodic" <host-pattern>
## Requirements
The role uses [apt module](http://docs.ansible.com/apt_repository_module.html) which has additional dependencies.
If you set `unattended_mail` to an e-mail address, make sure `mailx` command is available and your system is able to send e-mails.
The role requires unattended-upgrades version 0.70 and newer, which is available since Debian Wheezy and Ubuntu 12.04 respectively. This is due to [Origins Patterns](#origins-patterns) usage; if this is not available on your system, you may use [the first version of the role](https://github.com/jnv/ansible-role-unattended-upgrades/tree/v0.1).
### Automatic Reboot
If you enable automatic reboot feature (`unattended_automatic_reboot`), the role will attempt to install `update-notifier-common` package, which is required on some systems for detecting and executing reboot after the upgrade. You may optionally define a specific time for rebooting (`unattended_automatic_reboot_time`).
This feature was broken in Debian Jessie, but eventually was rolled into the unattended-upgrades package; see [the discussion in #6](https://github.com/jnv/ansible-role-unattended-upgrades/issues/6) for more details.
## Disabled Cron Jobs
On some hosts you may find that the unattended-upgrade's cronfile `/etc/cron.daily/apt` file has been renamed to `apt.disabled`. This is possibly provider's decision, to save some CPU cycles. Use [enable-standard-cronjobs](https://github.com/Yannik/ansible-role-enable-standard-cronjobs) role to reenable unattended-upgrades. See also discussion in [#9](https://github.com/jnv/ansible-role-unattended-upgrades/issues/9).
## Role Variables
* `unattended_cache_valid_time`: Update the apt cache if its older than the given time in seconds; passed to the [apt module](https://docs.ansible.com/ansible/latest/apt_module.html) during package installation.
* Default: `3600`
* `unattended_origins_patterns`: array of origins patterns to determine whether the package can be automatically installed, for more details see [Origins Patterns](#origins-patterns) below.
* Default for Debian: `['origin=Debian,codename=${distro_codename},label=Debian-Security']`
* Default for Ubuntu: `['origin=Ubuntu,archive=${distro_codename}-security,label=Ubuntu']`
* `unattended_package_blacklist`: packages which won't be automatically upgraded
* Default: `[]`
* `unattended_autofix_interrupted_dpkg`: whether on unclean dpkg exit to run `dpkg --force-confold --configure -a`
* Default: `true`
* `unattended_minimal_steps`: split the upgrade into the smallest possible chunks so that they can be interrupted with SIGUSR1.
* Default: `true`
* `unattended_install_on_shutdown`: install all unattended-upgrades when the machine is shuting down.
* Default: `false`
* `unattended_mail`: e-mail address to send information about upgrades or problems with unattended upgrades
* Default: `false` (don't send any e-mail)
* `unattended_mail_only_on_error`: send e-mail only on errors, otherwise e-mail will be sent every time there's a package upgrade.
* Default: `false`
* `unattended_remove_unused_dependencies`: do automatic removal of all unused dependencies after the upgrade.
* Default: `false`
* `unattended_remove_new_unused_dependencies`: do automatic removal of new unused dependencies after the upgrade.
* Default: `true`
* `unattended_automatic_reboot`: Automatically reboot system if any upgraded package requires it, immediately after the upgrade.
* Default: `false`
* `unattended_automatic_reboot_time`: Automatically reboot system if any upgraded package requires it, at the specific time (_HH:MM_) instead of immediately after the upgrade.
* Default: `false`
* `unattended_update_days`: Set the days of the week that updates should be applied. The days can be specified as localized abbreviated or full names. Or as integers where "0" is Sunday, "1" is Monday etc. Example: `{"Mon";"Fri"};`
* Default: disabled
* `unattended_ignore_apps_require_restart`: unattended-upgrades won't automatically upgrade some critical packages requiring restart after an upgrade (i.e. there is `XB-Upgrade-Requires: app-restart` directive in their debian/control file). With this option set to `true`, unattended-upgrades will upgrade these packages regardless of the directive.
* Default: `false`
* `unattended_syslog_enable`: Write events to syslog, which is useful in environments where syslog messages are sent to a central store.
* Default: `false`
* `unattended_syslog_facility`: Write events to the specified syslog facility, or the daemon facility if not specified. Will only have affect if `unattended_syslog_enable` is set to `true`.
* Default: `daemon`
* `unattended_verbose`: Define verbosity level of APT for periodic runs. The output will be sent to root.
* Possible options:
* `0`: no report
* `1`: progress report
* `2`: + command outputs
* `3`: + trace on
* Default: `0` (no report)
* `unattended_update_package_list`: Do "apt-get update" automatically every n-days (0=disable)
* Default: `1`
* `unattended_download_upgradeable`: Do "apt-get upgrade --download-only" every n-days (0=disable)
* Default: `0`
* `unattended_autoclean_interval`: Do "apt-get autoclean" every n-days (0=disable)
* Default: `7`
* `unattended_clean_interval`: Do "apt-get clean" every n-days (0=disable)
* Default: `0`
* `unattended_random_sleep`: Define maximum for a random interval in seconds after which the apt job starts (only for systems without systemd)
* Default: `1800` (30 minutes)
* `unattended_dpkg_options`: Array of dpkg command-line options used during unattended-upgrades runs, e.g. `["--force-confdef"]`, `["--force-confold"]`
* Default: `[]`
* `unattended_dl_limit`: Limit the download speed in kb/sec using apt bandwidth limit feature.
* Default: disabled
## Origins Patterns
Origins Pattern is a more powerful alternative to the Allowed Origins option used in previous versions of unattended-upgrade.
Pattern is composed from specific keywords:
* `a`,`archive`,`suite` e.g. `stable`, `trusty-security` (`archive=stable`)
* `c`,`component` e.g. `main`, `crontrib`, `non-free` (`component=main`)
* `l`,`label` e.g. `Debian`, `Debian-Security`, `Ubuntu`
* `o`,`origin` e.g. `Debian`, `Unofficial Multimedia Packages`, `Ubuntu`
* `n`,`codename` e.g. `jessie`, `jessie-updates`, `trusty` (this is only supported with `unattended-upgrades` >= 0.80)
* `site` e.g. `http.debian.net`
You can review the available repositories using `apt-cache policy` and debug your choice using `unattended-upgrades -d` command on a target system.
Additionally unattended-upgrades support two macros (variables), derived from `/etc/debian_version`:
* `${distro_id}` Installed distribution name, e.g. `Debian` or `Ubuntu`.
* `${distro_codename}` Installed codename, e.g. `jessie` or `trusty`.
Using `${distro_codename}` should be preferred over using `stable` or `oldstable` as a selected, as once `stable` moves to `oldstable`, no security updates will be installed at all, or worse, package from a newer distro release will be installed by accident. The same goes for upgrading your installation from `oldstable` to `stable`, if you forget to change this in your origin patterns, you may not receive the security updates for your newer distro release. With `${distro_codename}`, both cases can never happen.
## Role Usage Examples
Example for Ubuntu, with custom [origins patterns](#patterns-examples), blacklisted packages and e-mail notification:
```yaml
- hosts: all
roles:
- role: jnv.unattended-upgrades
unattended_origins_patterns:
- 'origin=Ubuntu,archive=${distro_codename}-security'
- 'o=Ubuntu,a=${distro_codename}-updates'
unattended_package_blacklist: [cowsay, vim]
unattended_mail: 'root@example.com'
```
_Note:_ You don't need to specify `unattended_origins_patterns`, the role will use distribution's default if the variable is not set.
### Running Only on Debian-based Systems
If you manage multiple distribution with the same playbook, you may want to skip running this role on non-Debian systems. You can [use `when` conditional with role](https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html#conditionals-with-roles) to limit the role to particular systems:
```yaml
- hosts: all
roles:
- role: jnv.unattended-upgrades
when: ansible_facts['os_family'] == 'Debian'
```
See [#38](https://github.com/jnv/ansible-role-unattended-upgrades/pull/38) for discussion.
### Patterns Examples
By default, only security updates are allowed for both Ubuntu and Debian. You can add more patterns to allow unattended-updates install more packages automatically, however be aware that automated major updates may potentially break your system.
#### For Debian
```yaml
unattended_origins_patterns:
- 'origin=Debian,codename=${distro_codename},label=Debian-Security' # security updates
- 'o=Debian,codename=${distro_codename},label=Debian' # updates including non-security updates
- 'o=Debian,codename=${distro_codename},a=proposed-updates'
```
On debian wheezy, due to `unattended-upgrades` being `0.79.5`, you cannot use the `codename` directive.
You will have to do archive based matching instead:
```yaml
unattended_origins_patterns:
- 'origin=Debian,a=stable,label=Debian-Security' # security updates
- 'o=Debian,a=stable,l=Debian' # updates including non-security updates
- 'o=Debian,a=proposed-updates'
```
Please be sure to read about the issues regarding this in the origin pattern documentation above.
#### For Ubuntu
In Ubuntu, archive always contains the distribution codename
```yaml
unattended_origins_patterns:
- 'origin=Ubuntu,archive=${distro_codename}-security'
- 'o=Ubuntu,a=${distro_codename}'
- 'o=Ubuntu,a=${distro_codename}-updates'
- 'o=Ubuntu,a=${distro_codename}-proposed-updates'
```
#### For Raspbian
In Raspbian, it is only possible to update all packages from the default repository, including non-security updates, or updating none.
Updating all, including non-security:
```yaml
unattended_origins_patterns:
- 'origin=Raspbian,codename=${distro_codename},label=Raspbian'
```
You can not use the `codename` directive on raspbian wheezy, the same as with debian wheezy above.
To not install any updates on a raspbian host, just set `unattended_origins_patterns` to an empty list:
```
unattended_origins_patterns: []
```
## License
GPLv2

38
roles/jnv.unattended_upgrades/meta/main.yml
View File

@ -1,38 +0,0 @@
---
galaxy_info:
author: Jan Vlnas
description: Setup unattended-upgrades on Debian-based systems
license: GPLv2
min_ansible_version: 1.4
platforms:
- name: Ubuntu
versions:
- precise
- raring
- saucy
- trusty
- utopic
- name: Debian
versions:
- wheezy
- jessie
#
# Below are all categories currently available. Just as with
# the platforms above, uncomment those that apply to your role.
#
galaxy_tags:
#- cloud
#- cloud:ec2
#- cloud:gce
#- cloud:rax
#- database
#- database:nosql
#- database:sql
#- development
#- monitoring
#- networking
#- packaging
- system
#- web
dependencies: []

2
roles/jnv.unattended_upgrades/tasks/main.yml
View File

@ -1,2 +0,0 @@
- include: unattended-upgrades.yml
tags: unattended

34
roles/jnv.unattended_upgrades/tasks/unattended-upgrades.yml
View File

@ -1,34 +0,0 @@
---
- name: add distribution-specific variables
include_vars: "{{ ansible_distribution }}.yml"
- name: add Debian Wheezy workaround
include_vars: "{{ ansible_distribution }}-{{ ansible_distribution_release }}.yml"
when: (ansible_distribution == "Debian") and (ansible_distribution_release == "wheezy")
- name: install unattended-upgrades
apt:
pkg: unattended-upgrades
state: present
cache_valid_time: "{{ unattended_cache_valid_time }}"
update_cache: yes
- name: install reboot dependencies
include: reboot.yml
when: unattended_automatic_reboot|bool
- name: create APT auto-upgrades configuration
template:
src: auto-upgrades.j2
dest: /etc/apt/apt.conf.d/20auto-upgrades
owner: root
group: root
mode: 0644
- name: create unattended-upgrades configuration
template:
src: unattended-upgrades.j2
dest: /etc/apt/apt.conf.d/50unattended-upgrades
owner: root
group: root
mode: 0644

27
roles/jnv.unattended_upgrades/templates/auto-upgrades.j2
View File

@ -1,27 +0,0 @@
// {{ ansible_managed }}
APT::Periodic::Unattended-Upgrade "1";
{% if unattended_update_package_list is defined %}
APT::Periodic::Update-Package-Lists "{{unattended_update_package_list}}";
{% endif %}
{% if unattended_download_upgradeable is defined %}
APT::Periodic::Download-Upgradeable-Packages "{{unattended_download_upgradeable}}";
{% endif %}
{% if unattended_autoclean_interval is defined %}
APT::Periodic::AutocleanInterval "{{unattended_autoclean_interval}}";
{% endif %}
{% if unattended_clean_interval is defined %}
APT::Periodic::CleanInterval "{{unattended_clean_interval}}";
{% endif %}
{% if unattended_verbose is defined %}
APT::Periodic::Verbose "{{unattended_verbose}}";
{% endif %}
{% if unattended_random_sleep is defined %}
APT::Periodic::RandomSleep "{{unattended_random_sleep}}";
{% endif %}

3
roles/jnv.unattended_upgrades/tests/requirements.yml
View File

@ -1,3 +0,0 @@
---
- src: chrismeyersfsu.provision_docker
name: provision_docker

11
roles/jnv.unattended_upgrades/vars/Debian-wheezy.yml
View File

@ -1,11 +0,0 @@
---
# This workaround for Debian Wheezy which doesn't support ${distro_codename} macro
# See
# https://github.com/jnv/ansible-role-unattended-upgrades/issues/19
# https://github.com/jnv/ansible-role-unattended-upgrades/pull/20
# for details
__unattended_origins_patterns:
- 'origin=Debian,archive=stable,label=Debian-Security'
- 'origin=Debian,archive=oldstable,label=Debian-Security'