Kapisi/playbooks/patching.yml

---
# patching.yml
#
# This playbook can be used to patch all the servers in an inventory to the latest software available.
# Because we typically encrypt our disk storage, we don't wait for the connection to become available again.
# Variables: 
# - target: the host grouper in the inventory -- default: all
#
# Patch then restart a node
- hosts: "{{ target | default('all') }}"
  order: sorted
  ignore_unreachable: true
  serial: 1
  vars: 
    ansible_become: yes
    ansible_become_user: root
    ansible_become_method: sudo
  vars_files:
    - "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
  tasks:
    - name: Check /var free percentage
      command: /bin/bash -c "df -m /var | tail -n 1 | awk '{ print $5; }' | sed 's/%//' "
      become: no
      register: df_output

    - name: Verify /var space
      assert: 
        that: 
          - 90 > {{ df_output.stdout }}
        fail_msg: "Not enough free space"

    - name: Patching all packages (ArchLinux)
      ignore_errors: yes
      when: ansible_os_family == "Archlinux"
      pacman:
        upgrade: yes
        update_cache: yes

    - name: Patching all packages (Debian)
      ignore_errors: yes
      when: ansible_os_family == "Debian"
      apt:
        upgrade: yes
        update_cache: yes

    - name: Reboot
      ignore_errors: yes
      reboot:
          reboot_timeout: 2
Updating Ubiqtorate 2020-10-08 16:33:19 -05:00			`---`
			`# patching.yml`
			`#`
Syncing current state. 2021-12-19 21:32:19 -06:00			`# This playbook can be used to patch all the servers in an inventory to the latest software available.`
			`# Because we typically encrypt our disk storage, we don't wait for the connection to become available again.`
Updating Ubiqtorate 2020-10-08 16:33:19 -05:00			`# Variables:`
Syncing current state. 2021-12-19 21:32:19 -06:00			`# - target: the host grouper in the inventory -- default: all`
Updating Ubiqtorate 2020-10-08 16:33:19 -05:00			`#`
			`# Patch then restart a node`
Syncing current state. 2021-12-19 21:32:19 -06:00			`- hosts: "{{ target \| default('all') }}"`
Updating Ubiqtorate 2020-10-08 16:33:19 -05:00			`order: sorted`
			`ignore_unreachable: true`
			`serial: 1`
			`vars:`
			`ansible_become: yes`
			`ansible_become_user: root`
			`ansible_become_method: sudo`
			`vars_files:`
Syncing current state. 2021-12-19 21:32:19 -06:00			`- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"`
Updating Ubiqtorate 2020-10-08 16:33:19 -05:00			`tasks:`
			`- name: Check /var free percentage`
			`command: /bin/bash -c "df -m /var \| tail -n 1 \| awk '{ print $5; }' \| sed 's/%//' "`
			`become: no`
			`register: df_output`

			`- name: Verify /var space`
			`assert:`
			`that:`
			`- 90 > {{ df_output.stdout }}`
			`fail_msg: "Not enough free space"`

Syncing current state. 2021-12-19 21:32:19 -06:00			`- name: Patching all packages (ArchLinux)`
Updating Ubiqtorate 2020-10-08 16:33:19 -05:00			`ignore_errors: yes`
Syncing current state. 2021-12-19 21:32:19 -06:00			`when: ansible_os_family == "Archlinux"`
			`pacman:`
			`upgrade: yes`
Updating Ubiqtorate 2020-10-08 16:33:19 -05:00			`update_cache: yes`

Syncing current state. 2021-12-19 21:32:19 -06:00			`- name: Patching all packages (Debian)`
			`ignore_errors: yes`
			`when: ansible_os_family == "Debian"`
			`apt:`
			`upgrade: yes`
			`update_cache: yes`
Updating Ubiqtorate 2020-10-08 16:33:19 -05:00
			`- name: Reboot`
Syncing current state. 2021-12-19 21:32:19 -06:00			`ignore_errors: yes`
Updating Ubiqtorate 2020-10-08 16:33:19 -05:00			`reboot:`
Syncing current state. 2021-12-19 21:32:19 -06:00			`reboot_timeout: 2`