host_update: sync with vhost update and fix for modern systems

This playbook was still calling yum and wasn't in line with the vhost
playbook. Synced that over and it works just like the vhost_update one
now (except that it doesn't update guests).

Signed-off-by: Kevin Fenzi <kevin@scrye.com>

playbooks/host_update.yml

@@ -4,19 +4,39 @@
 
 
 ---
+
 - name: Update the system
   hosts: "{{ target }}"
-  gather_facts: false
+  gather_facts: true
   user: root
 
   tasks:
-  - name: Expire-caches
-    ansible.builtin.command: yum clean expire-cache
 
-  - name: Yum -y {{ yumcommand }}
-    ansible.builtin.command: yum -y {{ yumcommand }}
+  - name: Apply updates
+    ansible.builtin.package:
+      state: latest
+      name: "*"
+      update_cache: true
     async: 7200
     poll: 30
+    when: package_excludes is not defined
+
+  - debug:
+      msg:
+      - '!!!!!!!!!!!!!!!!!!! host {{ inventory_hostname }} has EXCLUDES OF {{ package_excludes }} !!!!!!!!!!!!!'
+      - '!!!!!!!!!!!!!!!!!!! DANGER DANGER DANGER ^ CHECK THAT EXCLUDES ARE STILL NEEDED ^ !!!!!!!!!!!!!!!!!!!!'
+    when: package_excludes is defined
+    changed_when: true
+
+  - name: Apply updates with excludes
+    ansible.builtin.package:
+      state: latest
+      name: "*"
+      update_cache: true
+      exclude: "{{ package_excludes }}"
+    async: 7200
+    poll: 30
+    when: package_excludes is defined
 
 - name: Run rkhunter if installed
   hosts: "{{ target }}"