From 31bb76317222fbcc1eaeb935c6f5e621b14705e9 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Wed, 29 Jan 2025 09:19:23 -0800
Subject: [PATCH] host_update: sync with vhost update and fix for modern
 systems

This playbook was still calling yum and wasn't in line with the vhost
playbook. Synced that over and it works just like the vhost_update one
now (except that it doesn't update guests).

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
---
 playbooks/host_update.yml | 30 +++++++++++++++++++++++++-----
 1 file changed, 25 insertions(+), 5 deletions(-)

diff --git a/playbooks/host_update.yml b/playbooks/host_update.yml
index ac6650b666..6a6cb9905a 100644
--- a/playbooks/host_update.yml
+++ b/playbooks/host_update.yml
@@ -4,19 +4,39 @@
 
 
 ---
+
 - name: Update the system
   hosts: "{{ target }}"
-  gather_facts: false
+  gather_facts: true
   user: root
 
   tasks:
-  - name: Expire-caches
-    ansible.builtin.command: yum clean expire-cache
 
-  - name: Yum -y {{ yumcommand }}
-    ansible.builtin.command: yum -y {{ yumcommand }}
+  - name: Apply updates
+    ansible.builtin.package:
+      state: latest
+      name: "*"
+      update_cache: true
     async: 7200
     poll: 30
+    when: package_excludes is not defined
+
+  - debug:
+      msg:
+      - '!!!!!!!!!!!!!!!!!!! host {{ inventory_hostname }} has EXCLUDES OF {{ package_excludes }} !!!!!!!!!!!!!'
+      - '!!!!!!!!!!!!!!!!!!! DANGER DANGER DANGER ^ CHECK THAT EXCLUDES ARE STILL NEEDED ^ !!!!!!!!!!!!!!!!!!!!'
+    when: package_excludes is defined
+    changed_when: true
+
+  - name: Apply updates with excludes
+    ansible.builtin.package:
+      state: latest
+      name: "*"
+      update_cache: true
+      exclude: "{{ package_excludes }}"
+    async: 7200
+    poll: 30
+    when: package_excludes is defined
 
 - name: Run rkhunter if installed
   hosts: "{{ target }}"