From 854c8ed21d8ebf95229d2a3f02718eb8c152ca1a Mon Sep 17 00:00:00 2001 From: Lars Beckers <lars.beckers@rwth-aachen.de> Date: Wed, 2 Aug 2017 23:37:58 +0200 Subject: [PATCH] add debian-updates role --- debian-updates/tasks/main.yml | 62 +++++++++++++++++++++++++++ debian-updates/templates/config.py.j2 | 11 +++++ 2 files changed, 73 insertions(+) create mode 100644 debian-updates/tasks/main.yml create mode 100644 debian-updates/templates/config.py.j2 diff --git a/debian-updates/tasks/main.yml b/debian-updates/tasks/main.yml new file mode 100644 index 0000000..f031a38 --- /dev/null +++ b/debian-updates/tasks/main.yml @@ -0,0 +1,62 @@ +--- +# file: supplemental/debian-updates/tasks/main.yml + +- name: ensure the deploy key is available + copy: + src: "{{ debupdates_deploy_key }}" + dest: /root/.ssh/debian_updates + owner: root + group: root + mode: 0600 + tags: + - debian-updates + +- name: ensure the git is at the current revision + git: + repo: git@git.fsmpi.rwth-aachen.de:larsb/debian-updates.git + dest: /opt/debian-updates + key_file: /root/.ssh/debian_updates + version: HEAD + tags: + - debian-updates + +- name: ensure the data file exists + copy: + src: /opt/debian-updates/apticron.json.example + dest: /opt/debian-updates/apticron.json + mode: 0644 + owner: root + group: root + remote_src: True + force: False + tags: + - debian-updates + +- name: ensure our config is deployed + template: + src: config.py.j2 + dest: /opt/debian-updates/config.py + mode: 0644 + owner: root + group: root + tags: + - debian-updates + +- name: ensure daily notification + file: + state: link + path: /etc/cron.daily/debian-update-notifier + src: /opt/debian-updates/notify.py + tags: + - debian-updates + +- name: ensure apticron messages are retrieved + lineinfile: + line: '{{ apticron_to|regex_replace("@.*$") }}:"|/opt/debian-updates/receive.py"' + path: /etc/aliases + state: present + notify: + - rebuild alias database + tags: + - debian-updates + diff --git a/debian-updates/templates/config.py.j2 b/debian-updates/templates/config.py.j2 new file mode 100644 index 0000000..52fa054 --- /dev/null +++ b/debian-updates/templates/config.py.j2 @@ -0,0 +1,11 @@ +import datetime + +lock_file = '/opt/debian-updates/.json-sync.lock' +report_file = '/opt/debian-updates/apticron.json' +tracker_file = '/opt/debian-updates/security.json' + +notify_subject = '{{ (domain|splitext|first).upper() }} daily update report on '+str(datetime.date.today()) +notify_from = '{{ debupdates_from }}' +notify_recipient = ['{{ debupdates_to|join("', '") }}'] +notify_header = 'Debian Update Notifier/v0.1' +mail_host = 'localhost' -- GitLab