homeserver/roles/hifis-net.unattended_upgrades/molecule/default/verify.yml
mg b5c16eaacd Rolle aktualisiert: unattended upgrades (#461)
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Reviewed-on: #461
2023-02-17 12:17:12 +01:00

32 lines
1.2 KiB
YAML

---
- name: "Verify unattended upgrades installation"
hosts: "all"
tasks:
- name: "Get apt-config variables"
ansible.builtin.command: "apt-config dump"
register: "aptconfig"
changed_when: false
- name: "Check for registered variables"
ansible.builtin.assert:
that: "item in aptconfig.stdout"
with_items:
- 'APT::Periodic::Unattended-Upgrade "1"'
- 'Unattended-Upgrade::AutoFixInterruptedDpkg "false"'
- 'Unattended-Upgrade::MinimalSteps "true"'
- 'Unattended-Upgrade::InstallOnShutdown "true"'
- 'Unattended-Upgrade::Automatic-Reboot "true"'
# NOTE: this uses the array syntax, which requires one
# top-level record, then one item per line
- 'Unattended-Upgrade::Update-Days "";'
- 'Unattended-Upgrade::Update-Days:: "Sat";'
- 'Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";'
- 'Unattended-Upgrade::OnlyOnACPower "true";'
- name: "Dry run unattended-upgrades"
ansible.builtin.command: "/usr/bin/unattended-upgrades --dry-run"
register: "dry_run"
failed_when: "dry_run.rc != 0"
changed_when: false
...