roles/common: remove cron-apt
Use unattended-upgrades instead. It has sane defaults on Debian at least (I haven't checked Ubuntu).
This commit is contained in:
parent
88cb3a370e
commit
73fd06fe3a
@ -1,2 +0,0 @@
|
||||
autoclean -y
|
||||
upgrade -y -o APT::Get::Show-Upgraded=true
|
@ -1,5 +0,0 @@
|
||||
# Configuration for cron-apt. For further information about the possible
|
||||
# configuration settings see the README file.
|
||||
|
||||
MAILON="never"
|
||||
OPTIONS="-o quiet=1 -o Dir::Etc::SourceList=/etc/apt/security.sources.list -o Dir::Etc::SourceParts=\"/dev/null\""
|
@ -1,11 +1,17 @@
|
||||
---
|
||||
- name: Configure cron-apt (config)
|
||||
ansible.builtin.copy: src={{ item.src }} dest={{ item.dest }} mode={{ item.mode }} owner={{ item.owner }} group={{ item.group }}
|
||||
loop:
|
||||
- { src: etc/cron-apt/config, dest: /etc/cron-apt/config, mode: "0644", owner: root, group: root }
|
||||
- { src: etc/cron-apt/3-download, dest: /etc/cron-apt/action.d/3-download, mode: "0644", owner: root, group: root }
|
||||
- name: Remove cron-apt
|
||||
ansible.builtin.apt:
|
||||
name: cron-apt
|
||||
state: absent
|
||||
cache_valid_time: 3600
|
||||
|
||||
- name: Configure cron-apt (security)
|
||||
ansible.builtin.template: src=security.sources.list.j2 dest=/etc/apt/security.sources.list mode=0644 owner=root group=root
|
||||
- name: Remove cron-apt configs
|
||||
ansible.builtin.file:
|
||||
path: "{{ item }}"
|
||||
state: absent
|
||||
loop:
|
||||
- /etc/cron-apt/config
|
||||
- /etc/cron-apt/action.d/3-download
|
||||
- /etc/apt/security.sources.list
|
||||
|
||||
# vim: set ts=2 sw=2:
|
||||
|
@ -22,7 +22,6 @@
|
||||
- iotop
|
||||
- htop
|
||||
- strace
|
||||
- cron-apt
|
||||
- safe-rm
|
||||
- debian-goodies
|
||||
- mosh
|
||||
@ -34,11 +33,12 @@
|
||||
- zstd
|
||||
- rsync
|
||||
- lsof
|
||||
- unattended-upgrades
|
||||
|
||||
- name: Install base packages
|
||||
ansible.builtin.apt: name={{ base_packages }} state=present cache_valid_time=3600
|
||||
|
||||
- name: Configure cron-apt
|
||||
- name: Remove cron-apt
|
||||
ansible.builtin.import_tasks: cron-apt.yml
|
||||
tags: cron-apt
|
||||
|
||||
|
@ -1,5 +0,0 @@
|
||||
{% if ansible_distribution == 'Ubuntu' %}
|
||||
deb http://security.ubuntu.com/ubuntu {{ ansible_distribution_release }}-security main restricted universe multiverse
|
||||
{% elif ansible_distribution == 'Debian' %}
|
||||
deb http://security.debian.org/debian-security {{ ansible_distribution_release }}/updates main contrib non-free
|
||||
{% endif %}
|
Loading…
x
Reference in New Issue
Block a user