commited current state (new functions, may not work by now)
This commit is contained in:
Ansible Servercow
@@ -1,34 +1,125 @@
|
||||
- name: Update mirrors if necessary
|
||||
when: os_also_update_mirror|bool
|
||||
include_tasks: update_mirrors.yaml
|
||||
|
||||
# tasks/main.yml
|
||||
- name: Assert target codename provided
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- os_update_version_codename is defined
|
||||
- os_update_version_codename | length > 0
|
||||
fail_msg: "Setze die Variable 'os_update_version_codename' (z.B. 'trixie')."
|
||||
|
||||
- name: Set current/target codenames
|
||||
ansible.builtin.set_fact:
|
||||
current_codename: "{{ ansible_distribution_release | lower }}"
|
||||
target_codename: "{{ os_update_version_codename | lower }}"
|
||||
|
||||
- name: Stat /etc/apt/sources.list.d
|
||||
ansible.builtin.stat:
|
||||
path: /etc/apt/sources.list.d
|
||||
register: sources_list_d_dir
|
||||
|
||||
- name: Find *.list files in /etc/apt/sources.list.d
|
||||
ansible.builtin.find:
|
||||
paths: /etc/apt/sources.list.d
|
||||
patterns: "*.list"
|
||||
file_type: file
|
||||
register: apt_lists
|
||||
when: sources_list_d_dir.stat.exists | default(false)
|
||||
|
||||
- name: Stat /etc/apt/sources.list
|
||||
ansible.builtin.stat:
|
||||
path: /etc/apt/sources.list
|
||||
register: sources_list_stat
|
||||
|
||||
- name: Build list of APT *.list paths
|
||||
ansible.builtin.set_fact:
|
||||
apt_list_paths: >-
|
||||
{{
|
||||
(vars.get('apt_lists', {}).get('files', [])
|
||||
| map(attribute='path') | list)
|
||||
}}
|
||||
|
||||
- name: Build list of APT source files
|
||||
ansible.builtin.set_fact:
|
||||
apt_source_files: >-
|
||||
{{
|
||||
apt_list_paths
|
||||
+ ([sources_list_stat.stat.path] if (sources_list_stat.stat.exists | default(false)) else [])
|
||||
}}
|
||||
|
||||
# ---------- Backups ----------
|
||||
- name: Backup existing sources in /etc/apt
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ item }}.bak"
|
||||
remote_src: yes
|
||||
loop: "{{ lookup('ansible.builtin.fileglob', '/etc/apt/sources.list.d/*.list') + ['/etc/apt/sources.list'] }}"
|
||||
when: item | file
|
||||
remote_src: true
|
||||
force: true
|
||||
loop: "{{ apt_source_files }}"
|
||||
loop_control:
|
||||
label: "{{ item }}"
|
||||
|
||||
- name: Update sources.list for new major version
|
||||
template:
|
||||
# ---------- Update /etc/apt/sources.list ----------
|
||||
- name: Update /etc/apt/sources.list from template
|
||||
ansible.builtin.template:
|
||||
src: sources.list.j2
|
||||
dest: /etc/apt/sources.list
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
vars:
|
||||
os_update_version_codename: "{{ new_version_codename }}" # Variable gets passed by main.yml task
|
||||
target_codename: "{{ target_codename }}"
|
||||
|
||||
- name: Update additional repositories in /etc/apt/sources.list.d
|
||||
lineinfile:
|
||||
# ---------- Update additional *.list files ----------
|
||||
# Ersetzt den Codename (inkl. optionaler Suite-Suffixe wie -security/-updates) in den .d-Dateien
|
||||
- name: Update codename in /etc/apt/sources.list.d/*.list (keep suffix)
|
||||
ansible.builtin.replace:
|
||||
path: "{{ item }}"
|
||||
regexp: '^(deb .* )({{ os_update_version_codename }})'
|
||||
line: '\1{{ new_version_codename }}'
|
||||
loop: "{{ lookup('ansible.builtin.fileglob', '/etc/apt/sources.list.d/*.list') }}"
|
||||
when: item | file
|
||||
regexp: '(^\s*deb(?:-src)?(?:\s+\[.*?\])?\s+\S+\s+){{ current_codename | regex_escape }}(?P<suffix>-[a-z]+)?(\s+)'
|
||||
replace: '\1{{ target_codename }}\g<suffix>\3'
|
||||
loop: "{{ apt_list_paths }}"
|
||||
when: apt_list_paths | length > 0
|
||||
loop_control:
|
||||
label: "{{ item }}"
|
||||
|
||||
|
||||
# ---- Prevent EXIM (Debian 13 only) ---------
|
||||
- name: Block installation of Exim with APT Pinning
|
||||
become: true
|
||||
ansible.builtin.copy:
|
||||
dest: /etc/apt/preferences.d/block-exim.pref
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
content: |
|
||||
Package: exim4*
|
||||
Pin: release *
|
||||
Pin-Priority: -1
|
||||
|
||||
- name: Remove existing Exim packages (purge + autoremove)
|
||||
become: true
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- exim4
|
||||
- exim4-base
|
||||
- exim4-config
|
||||
- exim4-daemon-light
|
||||
state: absent
|
||||
purge: true
|
||||
autoremove: true
|
||||
register: exim_purge
|
||||
|
||||
# ---------- Upgrade ----------
|
||||
- name: Update apt cache
|
||||
apt:
|
||||
update_cache: yes
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
cache_valid_time: 3600
|
||||
|
||||
- name: Perform distribution upgrade
|
||||
apt:
|
||||
upgrade: yes
|
||||
allow_unauthenticated: yes
|
||||
ansible.builtin.apt:
|
||||
upgrade: dist # dist-upgrade
|
||||
allow_unauthenticated: false
|
||||
notify:
|
||||
- Reboot system
|
||||
- apt cleanup
|
||||
Reference in New Issue
Block a user