Infra_mgmt/roles/unattended-upgrades/README.rst

1.9 KiB

Unattended-upgrades setup

Unattended-upgrades setup role. It also installs and configures Postfix as a SMTP relay in order to send emails when target system needs to be rebooted.

Requirements

This role was written for Debian (11) and requires root privileges.

Role Variables

Variables can be found in the default vars. As a bare minimum you should configure SMTP credentials.

upgrades_sender: "{{ ansible_user }}@{{ ansible_hostname }}.lan"

Defines which email unattended-upgrades will use to send emails.

postfix_hostname: "{{ ansible_hostname }}.lan"

Configures Postfix hostname.

smtp_username:
smtp_password:
smtp_port: 587

SMTP credentials (required). Port defaults to 587 (STARTTLS).

relay_servername: "{{ smtp_username | regex_search('(?<=@)(.+)\\.[\\w]+$') }}"

SMTP servername, defaults to smtp_username domain. If yours differs modify it here.

custom_smtp_header: false
from_header:
from_email:

Customizes SMTP header. Make sure to configure from_header (added header) and from_email (email address of FROM) correctly if you enable SMTP headers variable.

smtp_masquerade: false

SMTP masquerade allows to replace the FROM statement to the value of smtp_username.

additional_lists: []

List of additional sources lists you want to add to unattended-upgrades.

Dependencies

None.

Example Playbook

- name: Deploy automatic upgrades
  hosts: all
  become: true
  vars:
    smtp_username: user@domain.com
    smtp_password: pa$$word      
  roles:
    - role: 'unattended-upgrades'

License

BSD-3

Author Information

Role created by syrell.