initial commit

This commit is contained in:
Robert Kaussow 2018-11-15 21:38:39 +01:00
parent 18dfc24cdf
commit 6b1d139f5e
7 changed files with 194 additions and 0 deletions

15
defaults/main.yml Normal file
View File

@ -0,0 +1,15 @@
---
yum_cron_custom_cronjob: False
yum_cron_apply_updates: no
yum_cron_download_updates: yes
yum_cron_email_from: root@localhost
yum_cron_email_to: root
yum_cron_emit_via: stdio
# yum_repositories: (defaults to not set)
# epel:
# filename: Extra-EPEL
# desc: Extra Packages for Enterprise Linux (EPEL)
# baseurl: "http://download.fedoraproject.org/pub/epel/$releasever/$basearch/"
# gpgkey: "http://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-$releasever/"
# enabled: True

15
handlers/main.yml Normal file
View File

@ -0,0 +1,15 @@
---
- block:
- name: Upgrade all packages
yum:
name: "*"
state: latest
listen: __yum_upgrade
- name: Restart yum-cron
service:
name: yum-cron
state: restarted
listen: __yum_cron_restart
become: True
become_user: root

3
tasks/main.yml Normal file
View File

@ -0,0 +1,3 @@
---
- import_tasks: yum_cron.yml
- import_tasks: repository.yml

15
tasks/repository.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Add common yum repositories
yum_repository:
name: "{{ item.key }}"
file: "{{ item.value.filename }}"
description: "{{ item.value.desc }}"
baseurl: "{{ item.value.baseurl }}"
gpgkey: "{{ item.value.gpgkey }}"
enabled: "{{ item.value.enabled }}"
with_dict: "{{ yum_repositories | default({}) }}"
loop_control:
label: "{{ item.key }}"
notify: __yum_upgrade
become: True
become_user: root

51
tasks/yum_cron.yml Normal file
View File

@ -0,0 +1,51 @@
---
- block:
- name: Install yum-cron
package:
name: yum-cron
state: latest
- name: Ensure yum-cron is enabled and running
service:
name: yum-cron
state: started
- name: Adjust yum-cron config file
template:
src: etc/yum/yum-cron.conf.j2
dest: /etc/yum/yum-cron.conf
owner: root
group: root
mode: 0644
notify: __yum_cron_restart
become: True
become_user: root
- block:
- name: Remove default cronjobs for yum-cron
file:
path: "{{ item }}"
state: absent
with_items:
- /etc/cron.daily/0yum-daily.cron
- /etc/cron.hourly/0yum-hourly.cron
- name: Add custom cronjob for yum-cron
template:
src: etc/cron.d/x-yum.j2
dest: /etc/cron.d/x-yum
owner: root
group: root
mode: 0755
- name: Configure crontab to use custom yum-cron cronjob
cron:
name: yum-cron
minute: 0
hour: 3
user: root
cron_file: /etc/crontab
job: "/bin/sh /etc/cron.d/x-yum"
become: True
become_user: root
when: yum_cron_custom_cronjob

View File

@ -0,0 +1,12 @@
#!/bin/bash
# {{ ansible_managed }}
# Only run if this flag is set. The flag is created by the yum-cron init
# script when the service is started -- this allows one to use chkconfig and
# the standard "service stop|start" commands to enable or disable yum-cron.
if [[ ! -f /var/lock/subsys/yum-cron ]]; then
exit 0
fi
# Action!
exec /usr/sbin/yum-cron

View File

@ -0,0 +1,83 @@
# {{ ansible_managed }}
[commands]
# What kind of update to use:
# default = yum upgrade
# security = yum --security upgrade
# security-severity:Critical = yum --sec-severity=Critical upgrade
# minimal = yum --bugfix update-minimal
# minimal-security = yum --security update-minimal
# minimal-security-severity:Critical = --sec-severity=Critical update-minimal
update_cmd = default
# Whether a message should be emitted when updates are available,
# were downloaded, or applied.
update_messages = yes
# Whether updates should be downloaded when they are available.
download_updates = {{ yum_cron_download_updates }}
# Whether updates should be applied when they are available. Note
# that download_updates must also be yes for the update to be applied.
apply_updates = {{ yum_cron_apply_updates }}
# Maximum amout of time to randomly sleep, in minutes. The program
# will sleep for a random amount of time between 0 and random_sleep
# minutes before running. This is useful for e.g. staggering the
# times that multiple systems will access update servers. If
# random_sleep is 0 or negative, the program will run immediately.
# 6*60 = 360
random_sleep = 360
[emitters]
# Name to use for this system in messages that are emitted. If
# system_name is None, the hostname will be used.
system_name = None
# How to send messages. Valid options are stdio and email. If
# emit_via includes stdio, messages will be sent to stdout; this is useful
# to have cron send the messages. If emit_via includes email, this
# program will send email itself according to the configured options.
# If emit_via is None or left blank, no messages will be sent.
emit_via = {{ yum_cron_emit_via }}
# The width, in characters, that messages that are emitted should be
# formatted to.
output_width = 80
[email]
# The address to send email messages from.
# NOTE: 'localhost' will be replaced with the value of system_name.
email_from = {{ yum_cron_email_from }}
# List of addresses to send messages to.
email_to = {{ yum_cron_email_to }}
# Name of the host to connect to to send email messages.
email_host = localhost
[groups]
# NOTE: This only works when group_command != objects, which is now the default
# List of groups to update
group_list = None
# The types of group packages to install
group_package_types = mandatory, default
[base]
# This section overrides yum.conf
# Use this to filter Yum core messages
# -4: critical
# -3: critical+errors
# -2: critical+errors+warnings (default)
debuglevel = -2
# skip_broken = True
mdpolicy = group:main
# Uncomment to auto-import new gpg keys (dangerous)
# assumeyes = True