--- - name: Update hosts strategy: host_pinned hosts: - all:!localhost tags: - update tasks: - name: Update Debian-based hosts when: ansible_facts.pkg_mgr == 'apt' tags: - debian block: - name: Update packages apt: autoclean: true purge: true update_cache: true upgrade: dist register: apt_upgrade - name: Remove no-longer needed dependencies apt: autoremove: true purge: true - name: Update firmware command: fwupdmgr --assume-yes update register: fwupdmgr changed_when: fwupdmgr.rc == 0 # yamllint disable rule:line-length failed_when: fwupdmgr.rc not in [0, 2] - name: Gather package facts package_facts: - name: Update Flatpaks when: |- 'flatpak' in ansible_facts.packages block: - name: Update Flatpaks appstream command: cmd: flatpak update --appstream changed_when: false - name: Update Flatpaks command: cmd: flatpak update --assumeyes register: flatpak_update changed_when: |- "Nothing to do" not in flatpak_update.stdout - name: Remove unused Flatpaks command: cmd: flatpak uninstall --unused --assumeyes register: flatpak_unused changed_when: |- "Nothing" not in flatpak_unused.stdout - name: Set reboot needed fact set_fact: reboot_needed: >- {{ apt_upgrade is changed or fwupdmgr is changed or flatpak_update is changed }} - name: Update OpenWRT hosts when: ansible_facts.pkg_mgr == 'opkg' tags: - openwrt block: # Sometimes the clock is not synced, the date is wrong and certificate # validation during downloads fails. - name: Sync clock command: ntpd -n -q -p 0.openwrt.pool.ntp.org -p 1.openwrt.pool.ntp.org -p 2.openwrt.pool.ntp.org -p 3.openwrt.pool.ntp.org changed_when: false - name: Update package list command: opkg update changed_when: false - name: Update packages # We run through sort so that we don't run 2 instances of opkg at # once. shell: >- opkg list-upgradable | awk '{print $1}' | sort | xargs -rn1 opkg upgrade register: opkg_upgrade changed_when: opkg_upgrade.stdout_lines|length > 0 - name: Set reboot needed fact set_fact: reboot_needed: "{{ opkg_upgrade is changed }}" - name: Update OpenBSD hosts when: ansible_facts.pkg_mgr == 'openbsd_pkg' tags: - openbsd block: - name: Apply system patches command: syspatch register: syspatch changed_when: syspatch.rc == 0 failed_when: syspatch.rc not in [0,2] - name: Update packages community.general.openbsd_pkg: name: "*" state: latest register: pkg_upgrade - name: Update firmware command: fw_update -a register: fw_update changed_when: |- "fw_update: add none; update none;" not in fw_update.stdout - name: Set reboot needed fact set_fact: reboot_needed: >- {{ syspatch is changed or pkg_upgrade is changed or fw_update is changed }} - name: Stop Am I Live SMS notifications hosts: all tasks: - name: Stop Am I Live SMS notifications become: false delegate_to: localhost run_once: true community.aws.ssm_parameter: name: &send_sms_param /amilive/prod/send_sms_notifications region: ®ion eu-west-2 state: present value: "false" - name: Reboot NS1 hosts: - ns1 tasks: - name: Reboot when: reboot_needed|default(false) reboot: tags: - reboot - name: Reboot wireless access point hosts: - mr8300 tasks: - name: Reboot when: reboot_needed|default(false) command: reboot - name: Wait to re-establish the connection wait_for_connection: tags: - reboot - name: Reboot the rest hosts: - all:!ns1:!mr8300 tasks: - name: Wait to re-establish the connection wait_for_connection: - name: Reboot when: reboot_needed|default(false) reboot: tags: - reboot - name: Resume Am I Live SMS notifications hosts: all tasks: - name: Resume Am I Live SMS notifications become: false delegate_to: localhost run_once: true community.aws.ssm_parameter: name: *send_sms_param region: *region state: present value: "true"