forked from evolix/ansible-roles
99 lines
2.4 KiB
YAML
99 lines
2.4 KiB
YAML
---
|
|
|
|
- name: "hold packages (apt)"
|
|
shell: "set -o pipefail && (dpkg -l {{ item }} 2>/dev/null | grep -q -E '^(i|h)i') && ((apt-mark showhold | grep --quiet {{ item }}) || apt-mark hold {{ item }})"
|
|
args:
|
|
executable: /bin/bash
|
|
check_mode: no
|
|
register: apt_mark
|
|
changed_when: "item + ' set on hold.' in apt_mark.stdout"
|
|
failed_when:
|
|
- apt_mark.rc != 0
|
|
- apt_mark.stdout | length > 0
|
|
loop: "{{ apt_hold_packages }}"
|
|
tags:
|
|
- apt
|
|
|
|
- name: "/etc/evolinux is present"
|
|
file:
|
|
dest: /etc/evolinux
|
|
mode: "0700"
|
|
state: directory
|
|
tags:
|
|
- apt
|
|
|
|
- name: "hold packages (config)"
|
|
lineinfile:
|
|
dest: /etc/evolinux/apt_hold_packages.cf
|
|
line: "{{ item }}"
|
|
create: True
|
|
state: present
|
|
loop: "{{ apt_hold_packages }}"
|
|
tags:
|
|
- apt
|
|
|
|
- name: "unhold packages (apt)"
|
|
shell: "set -o pipefail && (dpkg -l {{ item }} 2>/dev/null | grep -q -E '^(i|h)i') && ((apt-mark showhold | grep --quiet {{ item }}) && apt-mark unhold {{ item }})"
|
|
args:
|
|
executable: /bin/bash
|
|
check_mode: no
|
|
register: apt_mark
|
|
changed_when: "'Canceled hold on' + item in apt_mark.stdout"
|
|
failed_when: apt_mark.rc != 0 and not apt_mark.stdout = ''
|
|
loop: "{{ apt_unhold_packages }}"
|
|
tags:
|
|
- apt
|
|
|
|
- name: "unhold packages (config)"
|
|
lineinfile:
|
|
dest: /etc/evolinux/apt_hold_packages.cf
|
|
line: "{{ item }}"
|
|
create: True
|
|
state: absent
|
|
loop: "{{ apt_unhold_packages }}"
|
|
tags:
|
|
- apt
|
|
|
|
- name: /usr/share/scripts exists
|
|
file:
|
|
dest: /usr/share/scripts
|
|
mode: "0700"
|
|
owner: root
|
|
group: root
|
|
state: directory
|
|
tags:
|
|
- apt
|
|
|
|
- name: Check scripts is installed
|
|
copy:
|
|
src: check_held_packages.sh
|
|
dest: /usr/share/scripts/check_held_packages.sh
|
|
force: yes
|
|
mode: "0755"
|
|
tags:
|
|
- apt
|
|
|
|
- name: Check if Cron is installed
|
|
shell: "dpkg --list 'cron' 2>/dev/null | grep -q -E '^(i|h)i'"
|
|
register: is_cron
|
|
changed_when: false
|
|
failed_when: false
|
|
check_mode: no
|
|
tags:
|
|
- apt
|
|
|
|
- name: Check for held packages (script)
|
|
cron:
|
|
cron_file: apt-hold-packages
|
|
name: check_held_packages
|
|
job: "/usr/share/scripts/check_held_packages.sh"
|
|
user: root
|
|
minute: "{{ apt_check_hold_cron_minute }}"
|
|
hour: "{{ apt_check_hold_cron_hour }}"
|
|
weekday: "{{ apt_check_hold_cron_weekday }}"
|
|
day: "{{ apt_check_hold_cron_day }}"
|
|
month: "{{ apt_check_hold_cron_month }}"
|
|
state: "present"
|
|
when: is_cron.rc == 0
|
|
tags:
|
|
- apt
|