Basic Ansible - APT Upgrade

readme.md

Simple base of an ansible playbook to perform the equivalent to sudo apt update && sudo apt upgrade on debian hosts.

An example of the command line usage is:
ansible-playbook -i ~/mydirectory/inventory -l mytargets apt-update-upgrade.yml --ask-become-pass

Example of an inventory file:

my servers

[mytargets] 192.168.10.50 ansible_ssh_user=susy ansible_ssh_private_key_file=/.ssh/susy_id_rsa 192.168.10.51 ansible_ssh_user=mary ansible_ssh_private_key_file=/.ssh/mary_id_rsa 192.168.10.52:831 ansible_ssh_user=ralph ansible_ssh_private_key_file=~/.ssh/ralph_id_rsa

[all:vars] ansible_python_interpreter=/usr/bin/python3

apt-update-upgrade.yml

---
- hosts:  mytargets
  become:  true
  tasks:
    - name:  update apt repo and cache
      apt:  
        upgrade=dist
        update_cache=yes 
        force_apt_get=yes 
        cache_valid_time=3600
        autoremove=yes
        autoclean=yes
      register:  result

    - name:  List installed and updated packages
      shell:  grep -E "^$(date +%Y-%m-%d).+ (install|upgrade) " /var/log/dpkg.log | cut -d " " -f 3-5
      register:  result

    - name:  Show output
      debug: msg="{{ result.stdout_lines }}"

    - name:  Check if reboot
      register:  reboot_required_file
      stat:  path=/var/run/reboot-required get_md5=no

    - name:  reboot if kernel was updated
      reboot:
        msg:  "reboot initiated by ansible for kernel upgrade"
        connect_timeout:  5
        reboot_timeout:  300
        pre_reboot_delay:  0
        post_reboot_delay:  30
        test_command:  uptime
      when:  reboot_required_file.stat.exists