ansible/freebsd-update.yml


# vim:ts=2:sw=2:et:filetype=ansible
---
# Play: run the FreeBSD update tasks below on every inventory host, with
# privilege escalation (become).
- name: FreeBSD patches
hosts: all
become: true
# Hosts are processed in batches of four, in a random order on each run.
serial: 4
order: shuffle
# Extra variables come from a file under the controlling user's home
# directory. NOTE(review): the name suggests an Ansible Vault file; confirm it
# is stored encrypted, since nothing here shows that.
vars_files:
- ~/.ansible/my_vault.yml
tasks:
# Run "freebsd-update fetch" and keep its output in `fetchupdates` for the
# tasks that follow.
- name: Fetch updates
ansible.builtin.command:
# --not-running-from-cron allows fetch to run without an interactive terminal.
cmd: /usr/sbin/freebsd-update fetch --not-running-from-cron
# PAGER=cat makes the output stream straight through instead of opening a
# pager that would wait for input.
environment:
PAGER: cat
# Reported as changed unless the output contains the "nothing to update"
# message.
changed_when: '"No updates needed to update" not in fetchupdates.stdout'
register: fetchupdates
# Need to have this working in check mode
# (check_mode: false runs the command for real under --check as well, so a
# check run still executes the fetch on the host.)
check_mode: false
# Print the captured fetch output; verbosity 1 means it is only shown when
# Ansible runs with -v or higher.
- name: Show results of fetch updates
ansible.builtin.debug:
verbosity: 1
msg: '{{ fetchupdates.stdout }}'
# Ask freebsd-update whether fetched updates are waiting to be installed. The
# return code is registered and gates the install block (rc == 0).
- name: Check if updates are ready to install
ansible.builtin.command:
cmd: /usr/sbin/freebsd-update updatesready
register: updatesready
# Need to have this working in check mode
check_mode: false
# A non-zero exit code is not automatically a failure here: rc 0 is reported
# as "changed", rc 1 is the only code treated as failed, and any other code
# passes as "ok".
# NOTE(review): failed_when already limits failure to rc 1, so ignore_errors
# only has an effect on that case and lets the play continue on this host
# after a failed check. Confirm that is intended; otherwise a host where the
# check itself errors is not reported as failed in the run summary.
ignore_errors: true
changed_when: updatesready.rc == 0
failed_when: updatesready.rc == 1
# Print the captured updatesready output; only shown when Ansible runs with
# -v or higher.
- name: Show results of updatesready
ansible.builtin.debug:
verbosity: 1
msg: '{{ updatesready.stdout }}'
# Install updates only when the updatesready check returned 0. The condition
# on the block applies to every task nested in it, including the tasks pulled
# in by the static imports.
# NOTE(review): this listing has lost its indentation, so it does not show
# which of the tasks that follow are nested in this block; verify against the
# original file before relying on the gate.
- name: Update when updates can be installed
when: updatesready.rc == 0
block:
# Host system first, then the jail managers (ezjail, iocage); the imported
# task files are not part of this listing.
- name: Perform system updates
ansible.builtin.import_tasks: tasks/update_install_freebsd.yml
- name: Perform ezjail updates
ansible.builtin.import_tasks: tasks/update_ezjail_freebsd.yml
- name: Perform iocage updates
ansible.builtin.import_tasks: tasks/update_iocage_freebsd.yml
# Capture the version of the kernel installed on disk ("freebsd-version -k")
# in `installedkernel` for the reboot decision.
- name: Record installed kernel version
ansible.builtin.command:
cmd: /bin/freebsd-version -k
# Never reported as changed, and executed under --check as well so the
# registered value is always available.
changed_when: false
check_mode: false
register: installedkernel
# Import the reboot tasks when the running kernel differs from the installed
# one. ansible_kernel is a gathered fact, so it reflects the kernel that was
# running when facts were collected for this host.
# NOTE(review): the condition is a plain inequality; it triggers on any
# difference between the two strings, not only on a newer installed kernel.
- name: Reboot system if newer kernel is found
ansible.builtin.import_tasks: tasks/reboot_system.yml
when: ansible_kernel != installedkernel.stdout
# Import the same install task file as "Perform system updates" a second time,
# after the reboot step.
# NOTE(review): no condition is visible on this task itself; whether it is
# gated by updatesready.rc depends on its nesting, which this listing does not
# show.
- name: Perform system updates post reboot
ansible.builtin.import_tasks: tasks/update_install_freebsd.yml