This repository contains an Ansible role for updating Debian servers.
See the defaults/main.yml file for the default variables and meta/argument_spacs.yml for the variable specification.
If upgrade is true tasks in this role will be run, set it to false for servers that should not be upgraded using Ansible, it defaults to true.
When true white a /root/Changelog with the list of packages installed, it defaults to true.
A path to a chroot that should be upgraded, if the path doesn't exist these tasks will be skipped, upgrade_chroot defaults to /chroot.
A boolean, reboot the server when the NEEDRESTART-KSTA variable returned from needrestart -b is "3" and upgrade_reboot is true, it defaults to false.
A boolean, restart systemd services when then are listed by needrestart -b, upgrade_restart defaults to true, set it to false to totally skip restarting services.
A optional list of names of services that should not be restated, by default upgrade_restart_skip is a list containing only one service, dbus.service.
If a apt repo is down this role will fail, in this case you can uypdate servers like this:
ansible example.org -m ansible.builtin.shell -a "sudo apt update && sudo DEBIAN_FRONTEND=noninteractive apt full-upgrade -y"The primary URL of this repo is https://git.coop/webarch/upgrade however it is also mirrored to GitHub and available via Ansible Galaxy.
If you use this role please use a tagged release, see the release notes.
Copyright 2018-2024 Chris Croome, <[email protected]>.
This role is released under the same terms as Ansible itself, the GNU GPLv3.