ansible/playbooks/host_update.yml

# This playbook updates hosts without guests.
#
# requires --extra-vars="target=somehostname yumcommand=update"


---

- name: Update the system
  hosts: "{{ target }}"
  gather_facts: true
  user: root

  tasks:

  - name: Apply updates
    ansible.builtin.package:
      state: latest
      name: "*"
      update_cache: true
    async: 7200
    poll: 30
    when: package_excludes is not defined

  - debug:
      msg:
      - '!!!!!!!!!!!!!!!!!!! host {{ inventory_hostname }} has EXCLUDES OF {{ package_excludes }} !!!!!!!!!!!!!'
      - '!!!!!!!!!!!!!!!!!!! DANGER DANGER DANGER ^ CHECK THAT EXCLUDES ARE STILL NEEDED ^ !!!!!!!!!!!!!!!!!!!!'
    when: package_excludes is defined
    changed_when: true

  - name: Apply updates with excludes
    ansible.builtin.package:
      state: latest
      name: "*"
      update_cache: true
      exclude: "{{ package_excludes }}"
    async: 7200
    poll: 30
    when: package_excludes is defined

- name: Run rkhunter if installed
  hosts: "{{ target }}"
  user: root

  tasks:
  - name: Check for rkhunter
    ansible.builtin.command: /usr/bin/test -f /usr/bin/rkhunter
    register: rkhunter
    ignore_errors: true

  - name: Run rkhunter --propupd
    ansible.builtin.command: /usr/bin/rkhunter --propupd
    when: rkhunter is success
Added host_update box 2013-12-20 21:47:29 +00:00			`# This playbook updates hosts without guests.`
			`#`
			`# requires --extra-vars="target=somehostname yumcommand=update"`


[yaml-lint] fix yamllint errors and warnings on plabooks Signed-off-by: Ryan Lerch <rlerch@redhat.com> 2024-11-25 18:24:56 +10:00			`---`
host_update: sync with vhost update and fix for modern systems This playbook was still calling yum and wasn't in line with the vhost playbook. Synced that over and it works just like the vhost_update one now (except that it doesn't update guests). Signed-off-by: Kevin Fenzi <kevin@scrye.com> 2025-01-29 09:19:23 -08:00
Fix name[casing] ansible-lint issues fix 1900 failures of the following case issue: `name[casing]: All names should start with an uppercase letter.` Signed-off-by: Ryan Lerch <rlerch@redhat.com> 2025-01-14 20:18:57 +10:00			`- name: Update the system`
Added host_update box 2013-12-20 21:47:29 +00:00			`hosts: "{{ target }}"`
host_update: sync with vhost update and fix for modern systems This playbook was still calling yum and wasn't in line with the vhost playbook. Synced that over and it works just like the vhost_update one now (except that it doesn't update guests). Signed-off-by: Kevin Fenzi <kevin@scrye.com> 2025-01-29 09:19:23 -08:00			`gather_facts: true`
Added host_update box 2013-12-20 21:47:29 +00:00			`user: root`
Death to all trailing whitespace. 2016-08-08 19:36:31 +00:00
			`tasks:`

host_update: sync with vhost update and fix for modern systems This playbook was still calling yum and wasn't in line with the vhost playbook. Synced that over and it works just like the vhost_update one now (except that it doesn't update guests). Signed-off-by: Kevin Fenzi <kevin@scrye.com> 2025-01-29 09:19:23 -08:00			`- name: Apply updates`
			`ansible.builtin.package:`
			`state: latest`
			`name: "*"`
			`update_cache: true`
			`async: 7200`
			`poll: 30`
			`when: package_excludes is not defined`

			`- debug:`
			`msg:`
			`- '!!!!!!!!!!!!!!!!!!! host {{ inventory_hostname }} has EXCLUDES OF {{ package_excludes }} !!!!!!!!!!!!!'`
			`- '!!!!!!!!!!!!!!!!!!! DANGER DANGER DANGER ^ CHECK THAT EXCLUDES ARE STILL NEEDED ^ !!!!!!!!!!!!!!!!!!!!'`
			`when: package_excludes is defined`
			`changed_when: true`

			`- name: Apply updates with excludes`
			`ansible.builtin.package:`
			`state: latest`
			`name: "*"`
			`update_cache: true`
			`exclude: "{{ package_excludes }}"`
Added host_update box 2013-12-20 21:47:29 +00:00			`async: 7200`
			`poll: 30`
host_update: sync with vhost update and fix for modern systems This playbook was still calling yum and wasn't in line with the vhost playbook. Synced that over and it works just like the vhost_update one now (except that it doesn't update guests). Signed-off-by: Kevin Fenzi <kevin@scrye.com> 2025-01-29 09:19:23 -08:00			`when: package_excludes is defined`
Added host_update box 2013-12-20 21:47:29 +00:00
Fix name[casing] ansible-lint issues fix 1900 failures of the following case issue: `name[casing]: All names should start with an uppercase letter.` Signed-off-by: Ryan Lerch <rlerch@redhat.com> 2025-01-14 20:18:57 +10:00			`- name: Run rkhunter if installed`
[yaml-lint] fix yamllint errors and warnings on plabooks Signed-off-by: Ryan Lerch <rlerch@redhat.com> 2024-11-25 18:24:56 +10:00			`hosts: "{{ target }}"`
Added host_update box 2013-12-20 21:47:29 +00:00			`user: root`

			`tasks:`
Fix name[casing] ansible-lint issues fix 1900 failures of the following case issue: `name[casing]: All names should start with an uppercase letter.` Signed-off-by: Ryan Lerch <rlerch@redhat.com> 2025-01-14 20:18:57 +10:00			`- name: Check for rkhunter`
ansiblelint fixes-- fqcn[action-core] - command to ansible.builtin.command Replaces many references to command: with ansible.builtin.command Signed-off-by: Ryan Lerch <rlerch@redhat.com> 2024-12-19 11:22:24 +10:00			`ansible.builtin.command: /usr/bin/test -f /usr/bin/rkhunter`
Added host_update box 2013-12-20 21:47:29 +00:00			`register: rkhunter`
			`ignore_errors: true`
Death to all trailing whitespace. 2016-08-08 19:36:31 +00:00
Fix name[casing] ansible-lint issues fix 1900 failures of the following case issue: `name[casing]: All names should start with an uppercase letter.` Signed-off-by: Ryan Lerch <rlerch@redhat.com> 2025-01-14 20:18:57 +10:00			`- name: Run rkhunter --propupd`
ansiblelint fixes-- fqcn[action-core] - command to ansible.builtin.command Replaces many references to command: with ansible.builtin.command Signed-off-by: Ryan Lerch <rlerch@redhat.com> 2024-12-19 11:22:24 +10:00			`ansible.builtin.command: /usr/bin/rkhunter --propupd`
fix deprecated \|success to is success 2018-04-04 19:24:21 +00:00			`when: rkhunter is success`