Infra_mgmt/roles/unattended-upgrades/README.adoc

1.8 KiB

Unattended-upgrades setup

Unattended-upgrades setup role. It also installs and configures Postfix as a SMTP relay in order to send emails when target system needs to be rebooted.

Requirements

This role was written for Debian (tested on >= 11) and requires root privileges.

Role Variables

Variables can be found in the default vars file. As a bare minimum you should configure SMTP credentials.

upgrades_sender: "{{ ansible_user }}@{{ ansible_hostname }}.lan"

Defines which email unattended-upgrades will use to send emails.

postfix_hostname: "{{ ansible_hostname }}.lan"

Configures Postfix hostname.

smtp_username:
smtp_password:
smtp_port: 587

SMTP credentials (required). Port defaults to 587 (STARTTLS).

relay_servername: "{{ smtp_username | regex_search('(?<=@)(.+)\\.[\\w]+$') }}"

SMTP servername, defaults to smtp_username domain. If yours differs modify it here.

custom_smtp_header: false
from_header:
from_email:

Customizes SMTP header. Make sure to configure from_header (added header) and from_email (email address of FROM) correctly if you enable SMTP headers variable.

smtp_masquerade: false

SMTP masquerade allows to replace the FROM statement to the value of smtp_username.

additional_lists: []

List of additional sources lists you want to add to unattended-upgrades.

Dependencies

None.

Example Playbook

- name: Deploy automatic upgrades
  hosts: all
  become: true
  vars:
    smtp_username: user@domain.com
    smtp_password: pa$$word
  roles:
    - role: 'unattended-upgrades'

License

BSD-3

Author Information

Role created by syrell.