154 lines
5.7 KiB
YAML
154 lines
5.7 KiB
YAML
---
|
||
# Cache update time for apt module
|
||
unattended_cache_valid_time: 3600
|
||
|
||
#Unattended-Upgrade::Origins-Pattern
|
||
# Automatically upgrade packages from these origin patterns
|
||
# e.g.: 'o=Debian,a=stable', 'o=Debian,a=stable-updates'
|
||
#
|
||
# Left unset, distribution-specific defaults will be used through
|
||
# __unattended_origins_patterns variable only if this variable
|
||
# is not provided externally
|
||
# REFS https://github.com/ansible/ansible/issues/8121
|
||
#unattended_origins_patterns: []
|
||
|
||
#Unattended-Upgrade::Package-Blacklist
|
||
# List of packages to not update
|
||
unattended_package_blacklist: []
|
||
|
||
#Unattended-Upgrade::AutoFixInterruptedDpkg
|
||
# On a unclean dpkg exit unattended-upgrades will run
|
||
# dpkg --force-confold --configure -a
|
||
# The default is true, to ensure updates keep getting installed
|
||
unattended_autofix_interrupted_dpkg: true
|
||
|
||
#Unattended-Upgrade::MinimalSteps
|
||
# Split the upgrade into the smallest possible chunks so that
|
||
# they can be interrupted with SIGUSR1. This makes the upgrade
|
||
# a bit slower but it has the benefit that shutdown while a upgrade
|
||
# is running is possible (with a small delay)
|
||
unattended_minimal_steps: true
|
||
|
||
#Unattended-Upgrade::InstallOnShutdown
|
||
# Install all unattended-upgrades when the machine is shuting down
|
||
# instead of doing it in the background while the machine is running
|
||
# This will (obviously) make shutdown slower
|
||
unattended_install_on_shutdown: false
|
||
|
||
#Unattended-Upgrade::Mail
|
||
# Send email to this address for problems or packages upgrades
|
||
# If empty or unset then no email is sent, make sure that you
|
||
# have a working mail setup on your system. A package that provides
|
||
# 'mailx' must be installed.
|
||
unattended_mail: false
|
||
|
||
#Unattended-Upgrade::MailOnlyOnError
|
||
# Set this value to "true" to get emails only on errors. Default
|
||
# is to always send a mail if Unattended-Upgrade::Mail is set
|
||
unattended_mail_only_on_error: false
|
||
|
||
#Unattended-Upgrade::MailReport
|
||
# Set this value to one of:
|
||
# "always", "only-on-error" or "on-change"
|
||
# If this is not set, then any legacy MailOnlyOnError (boolean) value
|
||
# is used to chose between "only-on-error" and "on-change"
|
||
unattended_mail_report: false
|
||
|
||
#Unattended-Upgrade::Remove-Unused-Dependencies
|
||
# Do automatic removal of all unused dependencies after the upgrade
|
||
# (equivalent to apt-get autoremove)
|
||
unattended_remove_unused_dependencies: false
|
||
|
||
#Unattended-Upgrade::Remove-New-Unused-Dependencies
|
||
# Remove any new unused dependencies after the upgrade
|
||
unattended_remove_new_unused_dependencies: true
|
||
|
||
#Unattended-Upgrade::Remove-Unused-Kernel-Packages
|
||
# Remove unused automatically installed kernel-related packages
|
||
# (kernel images, kernel headers and kernel version locked tools)
|
||
unattended_remove_unused_kernel_packages: false
|
||
|
||
#Unattended-Upgrade::Automatic-Reboot
|
||
# Automatically reboot *WITHOUT CONFIRMATION* if a
|
||
# the file /var/run/reboot-required is found after the upgrade
|
||
unattended_automatic_reboot: false
|
||
|
||
#Unattended-Upgrade::Automatic-Reboot-Time
|
||
# If automatic reboot is enabled and needed, reboot at the specific
|
||
# time instead of immediately
|
||
unattended_automatic_reboot_time: false
|
||
|
||
#Unattended-Upgrade::IgnoreAppsRequireRestart
|
||
# Do upgrade application even if it requires restart after upgrade
|
||
# I.e. "XB-Upgrade-Requires: app-restart" is set in the debian/control file
|
||
unattended_ignore_apps_require_restart: false
|
||
|
||
#Unattended-Upgrade::SyslogEnable
|
||
# Write events to syslog, which is useful in environments where syslog
|
||
# messages are sent to a central store.
|
||
unattended_syslog_enable: false
|
||
|
||
#Unattended-Upgrade::SyslogFacility
|
||
# Write events to the specified syslog facility, or the daemon facility if
|
||
# not specified. Requires the Unattended-Upgrade::SyslogEnable option to be
|
||
# set to true.
|
||
#unattended_syslog_facility: "daemon"
|
||
|
||
### APT::Periodic configuration
|
||
# Snatched from /usr/lib/apt/apt.systemd.daily
|
||
|
||
#APT::Periodic::Update-Package-Lists "0";
|
||
# - Do "apt-get update" automatically every n-days (0=disable)
|
||
unattended_update_package_list: 1
|
||
|
||
#APT::Periodic::Download-Upgradeable-Packages "0";
|
||
# - Do "apt-get upgrade --download-only" every n-days (0=disable)
|
||
#unattended_download_upgradeable: 0
|
||
|
||
#APT::Periodic::AutocleanInterval "0";
|
||
# - Do "apt-get autoclean" every n-days (0=disable)
|
||
unattended_autoclean_interval: 7
|
||
|
||
#APT::Periodic::CleanInterval "0";
|
||
# - Do "apt-get clean" every n-days (0=disable)
|
||
#unattended_clean_interval: 0
|
||
|
||
#APT::Periodic::Verbose "0";
|
||
# - Send report mail to root
|
||
# 0: no report (or null string)
|
||
# 1: progress report (actually any string)
|
||
# 2: + command outputs (remove -qq, remove 2>/dev/null, add -d)
|
||
# 3: + trace on
|
||
#unattended_verbose: 0
|
||
|
||
## Cron systems only
|
||
|
||
#APT::Periodic::RandomSleep
|
||
# When the apt job starts, it will sleep for a random period between 0
|
||
# and APT::Periodic::RandomSleep seconds
|
||
# The default value is "1800" so that the script will stall for up to 30
|
||
# minutes (1800 seconds) so that the mirror servers are not crushed by
|
||
# everyone running their updates all at the same time
|
||
# Kept undefined to allow default (1800)
|
||
#unattended_random_sleep: 0
|
||
|
||
#Dpkg::Options
|
||
# Provide dpkg options that take effect during unattended upgrades.
|
||
# By default no flags are appended. Configuration file changes can
|
||
# block installation of certain packages. Passing the flags
|
||
# "--force-confdef" and "--force-confold" will ensure updates are applied
|
||
# and old configuration files are preserved.
|
||
unattended_dpkg_options: []
|
||
|
||
# unattended_dpkg_options:
|
||
# - "--force-confdef"
|
||
# - "--force-confold"
|
||
|
||
|
||
# Use apt bandwidth limit feature, this example limits the download speed to 70kb/sec
|
||
#unattended_dl_limit: 70
|
||
|
||
# Unattended-Upgrade::OnlyOnACPower
|
||
# Download and install upgrades only on AC power
|
||
# (i.e. skip or gracefully stop updates on battery)
|
||
unattended_only_on_ac_power: false
|