initial commit
This commit is contained in:
parent
18dfc24cdf
commit
6b1d139f5e
15
defaults/main.yml
Normal file
15
defaults/main.yml
Normal file
@ -0,0 +1,15 @@
|
||||
---
|
||||
yum_cron_custom_cronjob: False
|
||||
yum_cron_apply_updates: no
|
||||
yum_cron_download_updates: yes
|
||||
yum_cron_email_from: root@localhost
|
||||
yum_cron_email_to: root
|
||||
yum_cron_emit_via: stdio
|
||||
|
||||
# yum_repositories: (defaults to not set)
|
||||
# epel:
|
||||
# filename: Extra-EPEL
|
||||
# desc: Extra Packages for Enterprise Linux (EPEL)
|
||||
# baseurl: "http://download.fedoraproject.org/pub/epel/$releasever/$basearch/"
|
||||
# gpgkey: "http://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-$releasever/"
|
||||
# enabled: True
|
15
handlers/main.yml
Normal file
15
handlers/main.yml
Normal file
@ -0,0 +1,15 @@
|
||||
---
|
||||
- block:
|
||||
- name: Upgrade all packages
|
||||
yum:
|
||||
name: "*"
|
||||
state: latest
|
||||
listen: __yum_upgrade
|
||||
|
||||
- name: Restart yum-cron
|
||||
service:
|
||||
name: yum-cron
|
||||
state: restarted
|
||||
listen: __yum_cron_restart
|
||||
become: True
|
||||
become_user: root
|
3
tasks/main.yml
Normal file
3
tasks/main.yml
Normal file
@ -0,0 +1,3 @@
|
||||
---
|
||||
- import_tasks: yum_cron.yml
|
||||
- import_tasks: repository.yml
|
15
tasks/repository.yml
Normal file
15
tasks/repository.yml
Normal file
@ -0,0 +1,15 @@
|
||||
---
|
||||
- name: Add common yum repositories
|
||||
yum_repository:
|
||||
name: "{{ item.key }}"
|
||||
file: "{{ item.value.filename }}"
|
||||
description: "{{ item.value.desc }}"
|
||||
baseurl: "{{ item.value.baseurl }}"
|
||||
gpgkey: "{{ item.value.gpgkey }}"
|
||||
enabled: "{{ item.value.enabled }}"
|
||||
with_dict: "{{ yum_repositories | default({}) }}"
|
||||
loop_control:
|
||||
label: "{{ item.key }}"
|
||||
notify: __yum_upgrade
|
||||
become: True
|
||||
become_user: root
|
51
tasks/yum_cron.yml
Normal file
51
tasks/yum_cron.yml
Normal file
@ -0,0 +1,51 @@
|
||||
---
|
||||
- block:
|
||||
- name: Install yum-cron
|
||||
package:
|
||||
name: yum-cron
|
||||
state: latest
|
||||
|
||||
- name: Ensure yum-cron is enabled and running
|
||||
service:
|
||||
name: yum-cron
|
||||
state: started
|
||||
|
||||
- name: Adjust yum-cron config file
|
||||
template:
|
||||
src: etc/yum/yum-cron.conf.j2
|
||||
dest: /etc/yum/yum-cron.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: __yum_cron_restart
|
||||
become: True
|
||||
become_user: root
|
||||
|
||||
- block:
|
||||
- name: Remove default cronjobs for yum-cron
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: absent
|
||||
with_items:
|
||||
- /etc/cron.daily/0yum-daily.cron
|
||||
- /etc/cron.hourly/0yum-hourly.cron
|
||||
|
||||
- name: Add custom cronjob for yum-cron
|
||||
template:
|
||||
src: etc/cron.d/x-yum.j2
|
||||
dest: /etc/cron.d/x-yum
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: Configure crontab to use custom yum-cron cronjob
|
||||
cron:
|
||||
name: yum-cron
|
||||
minute: 0
|
||||
hour: 3
|
||||
user: root
|
||||
cron_file: /etc/crontab
|
||||
job: "/bin/sh /etc/cron.d/x-yum"
|
||||
become: True
|
||||
become_user: root
|
||||
when: yum_cron_custom_cronjob
|
12
templates/etc/cron.d/x-yum.j2
Normal file
12
templates/etc/cron.d/x-yum.j2
Normal file
@ -0,0 +1,12 @@
|
||||
#!/bin/bash
|
||||
# {{ ansible_managed }}
|
||||
|
||||
# Only run if this flag is set. The flag is created by the yum-cron init
|
||||
# script when the service is started -- this allows one to use chkconfig and
|
||||
# the standard "service stop|start" commands to enable or disable yum-cron.
|
||||
if [[ ! -f /var/lock/subsys/yum-cron ]]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# Action!
|
||||
exec /usr/sbin/yum-cron
|
83
templates/etc/yum/yum-cron.conf.j2
Normal file
83
templates/etc/yum/yum-cron.conf.j2
Normal file
@ -0,0 +1,83 @@
|
||||
# {{ ansible_managed }}
|
||||
|
||||
[commands]
|
||||
# What kind of update to use:
|
||||
# default = yum upgrade
|
||||
# security = yum --security upgrade
|
||||
# security-severity:Critical = yum --sec-severity=Critical upgrade
|
||||
# minimal = yum --bugfix update-minimal
|
||||
# minimal-security = yum --security update-minimal
|
||||
# minimal-security-severity:Critical = --sec-severity=Critical update-minimal
|
||||
update_cmd = default
|
||||
|
||||
# Whether a message should be emitted when updates are available,
|
||||
# were downloaded, or applied.
|
||||
update_messages = yes
|
||||
|
||||
# Whether updates should be downloaded when they are available.
|
||||
download_updates = {{ yum_cron_download_updates }}
|
||||
|
||||
# Whether updates should be applied when they are available. Note
|
||||
# that download_updates must also be yes for the update to be applied.
|
||||
apply_updates = {{ yum_cron_apply_updates }}
|
||||
|
||||
# Maximum amout of time to randomly sleep, in minutes. The program
|
||||
# will sleep for a random amount of time between 0 and random_sleep
|
||||
# minutes before running. This is useful for e.g. staggering the
|
||||
# times that multiple systems will access update servers. If
|
||||
# random_sleep is 0 or negative, the program will run immediately.
|
||||
# 6*60 = 360
|
||||
random_sleep = 360
|
||||
|
||||
|
||||
[emitters]
|
||||
# Name to use for this system in messages that are emitted. If
|
||||
# system_name is None, the hostname will be used.
|
||||
system_name = None
|
||||
|
||||
# How to send messages. Valid options are stdio and email. If
|
||||
# emit_via includes stdio, messages will be sent to stdout; this is useful
|
||||
# to have cron send the messages. If emit_via includes email, this
|
||||
# program will send email itself according to the configured options.
|
||||
# If emit_via is None or left blank, no messages will be sent.
|
||||
emit_via = {{ yum_cron_emit_via }}
|
||||
|
||||
# The width, in characters, that messages that are emitted should be
|
||||
# formatted to.
|
||||
output_width = 80
|
||||
|
||||
|
||||
[email]
|
||||
# The address to send email messages from.
|
||||
# NOTE: 'localhost' will be replaced with the value of system_name.
|
||||
email_from = {{ yum_cron_email_from }}
|
||||
|
||||
# List of addresses to send messages to.
|
||||
email_to = {{ yum_cron_email_to }}
|
||||
|
||||
# Name of the host to connect to to send email messages.
|
||||
email_host = localhost
|
||||
|
||||
|
||||
[groups]
|
||||
# NOTE: This only works when group_command != objects, which is now the default
|
||||
# List of groups to update
|
||||
group_list = None
|
||||
|
||||
# The types of group packages to install
|
||||
group_package_types = mandatory, default
|
||||
|
||||
[base]
|
||||
# This section overrides yum.conf
|
||||
|
||||
# Use this to filter Yum core messages
|
||||
# -4: critical
|
||||
# -3: critical+errors
|
||||
# -2: critical+errors+warnings (default)
|
||||
debuglevel = -2
|
||||
|
||||
# skip_broken = True
|
||||
mdpolicy = group:main
|
||||
|
||||
# Uncomment to auto-import new gpg keys (dangerous)
|
||||
# assumeyes = True
|
Loading…
Reference in New Issue
Block a user