From 3e8a5681573051bbb16e908d82eb5a91c3ef5b57 Mon Sep 17 00:00:00 2001 From: Mathieu Jourdan Date: Thu, 28 Apr 2022 10:59:09 +0200 Subject: [PATCH 1/3] install timer to automatically reboot when needed --- README.md | 31 ++++++++++++++++++++++++++++++- defaults/main.yml | 11 +++++++++++ meta/main.yml | 8 +++++++- tasks/main.yml | 13 +++++++++++++ 4 files changed, 61 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index b1fe370..205506b 100644 --- a/README.md +++ b/README.md @@ -39,10 +39,29 @@ This default configuration sets `dnf-automatic` up to automatically download and Note that the `dnf_automatic_base_overrides` dictionary can be used to override arbitrary preferences from the base dnf configuration file for `dnf-automatic`. +In addition, `dnf_automatic_reboot` can be set to true to perform automatic reboots when installed updates require it: + +```yaml +dnf_automatic_reboot: false +dnf_automatic_reboot_time: "03:00" +dnf_automatic_reboot_script: "/usr/local/sbin/reboot-when-needed.sh" +dnf_automatic_reboot_script_mode: "0700" +dnf_automatic_reboot_script_content: | + #!/bin/bash + /bin/needs-restarting -r || /sbin/reboot +dnf_automatic_reboot_dependencies: yum-utils +``` + Dependencies ------------ -No dependencies needed. +This role has a dependency on `vlcty.systemd-timers` to periodically run the reboot script. It can be installed by adding the following block to roles/requirements.yml: + +``` +- src: https://github.com/vlcty/ansible-systemd-timers.git + name: vlcty.systemd-timers + scm: git +``` Example Playbook ---------------- @@ -56,6 +75,16 @@ This example playbook deploys `dnf-automatic` on all hosts but is configured suc - { role: exploide.dnf-automatic, dnf_automatic_upgrade_type: default } ``` +This example playbook deploys `dnf-automatic` to install security updates only, and deploys additional timer to reboot at 4:00 am when required: + +```yaml +- hosts: all + remote_user: root + roles: + - { role: exploide.dnf-automatic, dnf_automatic_reboot: true, dnf_automatic_reboot_time: "04:00" } +``` + + License ------- diff --git a/defaults/main.yml b/defaults/main.yml index 61c5df9..210a4c4 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -35,3 +35,14 @@ dnf_automatic_email_host: localhost # this dict can be used to override arbitrary settings from dnf.conf dnf_automatic_base_overrides: {} + +# Reboot + +dnf_automatic_reboot: false +dnf_automatic_reboot_time: "03:00" +dnf_automatic_reboot_script: "/usr/local/sbin/reboot-when-needed.sh" +dnf_automatic_reboot_script_mode: "0700" +dnf_automatic_reboot_script_content: | + #!/bin/bash + /bin/needs-restarting -r || /sbin/reboot +dnf_automatic_reboot_dependencies: yum-utils diff --git a/meta/main.yml b/meta/main.yml index a436af3..91f8673 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -19,4 +19,10 @@ galaxy_info: - packaging - system -dependencies: [] +dependencies: + - role: vlcty.systemd-timers + timers: + dnf-automatic-reboot: + timer_command: "{{ dnf_automatic_reboot_script }}" + timer_OnCalendar: "{{ dnf_automatic_reboot_time }}" + when: dnf_automatic_reboot diff --git a/tasks/main.yml b/tasks/main.yml index e5c8028..40ae022 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -15,3 +15,16 @@ name: dnf-automatic-install.timer state: started enabled: yes + +- name: Install dependencies needed for reboot + package: + name: "{{ dnf_automatic_reboot_dependencies }}" + state: present + when: dnf_automatic_reboot|bool + +- name: Copy reboot script + copy: + dest: "{{ dnf_automatic_reboot_script }}" + content: "{{ dnf_automatic_reboot_script_content }}" + mode: "{{ dnf_automatic_reboot_script_mode }}" + when: dnf_automatic_reboot|bool From 957a03d624b4a9d76181205906e1bb8ab8a3c5c3 Mon Sep 17 00:00:00 2001 From: Mathieu Jourdan Date: Thu, 28 Apr 2022 11:04:56 +0200 Subject: [PATCH 2/3] add EL 8 to meta/main.yml --- meta/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/main.yml b/meta/main.yml index 91f8673..0460e81 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -8,6 +8,7 @@ galaxy_info: - name: EL versions: - 7 + - 8 - name: Fedora versions: - all From ba3b6a8b44367b637060d7001f92338f832cf94d Mon Sep 17 00:00:00 2001 From: Mathieu Jourdan Date: Fri, 6 May 2022 16:55:55 +0200 Subject: [PATCH 3/3] drop external dependencies and unnecessary script --- README.md | 18 ++++--------- defaults/main.yml | 10 +++---- meta/main.yml | 8 +----- tasks/main.yml | 36 +++++++++++++++++++------- templates/dnf-automatic-reboot.service | 8 ++++++ templates/dnf-automatic-reboot.timer | 11 ++++++++ 6 files changed, 55 insertions(+), 36 deletions(-) create mode 100644 templates/dnf-automatic-reboot.service create mode 100644 templates/dnf-automatic-reboot.timer diff --git a/README.md b/README.md index 205506b..079d1ef 100644 --- a/README.md +++ b/README.md @@ -43,25 +43,17 @@ In addition, `dnf_automatic_reboot` can be set to true to perform automatic rebo ```yaml dnf_automatic_reboot: false -dnf_automatic_reboot_time: "03:00" -dnf_automatic_reboot_script: "/usr/local/sbin/reboot-when-needed.sh" -dnf_automatic_reboot_script_mode: "0700" -dnf_automatic_reboot_script_content: | - #!/bin/bash - /bin/needs-restarting -r || /sbin/reboot dnf_automatic_reboot_dependencies: yum-utils +dnf_automatic_reboot_OnCalendar: "03:00" +dnf_automatic_reboot_AccuracySec: "15s" +dnf_automatic_reboot_Description: "dnf-automatic-reboot" +dnf_automatic_reboot_ExecStart: /bin/bash -c '/bin/needs-restarting -r || /sbin/reboot' ``` Dependencies ------------ -This role has a dependency on `vlcty.systemd-timers` to periodically run the reboot script. It can be installed by adding the following block to roles/requirements.yml: - -``` -- src: https://github.com/vlcty/ansible-systemd-timers.git - name: vlcty.systemd-timers - scm: git -``` +No dependencies needed. Example Playbook ---------------- diff --git a/defaults/main.yml b/defaults/main.yml index 210a4c4..2f3f7ac 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -39,10 +39,8 @@ dnf_automatic_base_overrides: {} # Reboot dnf_automatic_reboot: false -dnf_automatic_reboot_time: "03:00" -dnf_automatic_reboot_script: "/usr/local/sbin/reboot-when-needed.sh" -dnf_automatic_reboot_script_mode: "0700" -dnf_automatic_reboot_script_content: | - #!/bin/bash - /bin/needs-restarting -r || /sbin/reboot dnf_automatic_reboot_dependencies: yum-utils +dnf_automatic_reboot_OnCalendar: "03:00" +dnf_automatic_reboot_AccuracySec: "15s" +dnf_automatic_reboot_Description: "dnf-automatic-reboot" +dnf_automatic_reboot_ExecStart: /bin/bash -c '/bin/needs-restarting -r || /sbin/reboot' diff --git a/meta/main.yml b/meta/main.yml index 0460e81..2d2885c 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -20,10 +20,4 @@ galaxy_info: - packaging - system -dependencies: - - role: vlcty.systemd-timers - timers: - dnf-automatic-reboot: - timer_command: "{{ dnf_automatic_reboot_script }}" - timer_OnCalendar: "{{ dnf_automatic_reboot_time }}" - when: dnf_automatic_reboot +dependencies: [] diff --git a/tasks/main.yml b/tasks/main.yml index 40ae022..4490ed7 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -16,15 +16,31 @@ state: started enabled: yes -- name: Install dependencies needed for reboot - package: - name: "{{ dnf_automatic_reboot_dependencies }}" - state: present - when: dnf_automatic_reboot|bool +- block: + + - name: Install dependencies needed for reboot + package: + name: "{{ dnf_automatic_reboot_dependencies }}" + state: present + tags: pkg + + - name: Deploy service and timer units + template: + src: "{{ item }}" + dest: "/etc/systemd/system/{{ item }}" + owner: root + group: root + mode: 0640 + loop: + - dnf-automatic-reboot.service + - dnf-automatic-reboot.timer -- name: Copy reboot script - copy: - dest: "{{ dnf_automatic_reboot_script }}" - content: "{{ dnf_automatic_reboot_script_content }}" - mode: "{{ dnf_automatic_reboot_script_mode }}" when: dnf_automatic_reboot|bool + +- name: Set timer state for auto reboot + systemd: + name: dnf-automatic-reboot.timer + state: "{{ dnf_automatic_reboot | ternary ('started', 'stopped') }}" + enabled: "{{ dnf_automatic_reboot }}" + masked: false + daemon_reload: true diff --git a/templates/dnf-automatic-reboot.service b/templates/dnf-automatic-reboot.service new file mode 100644 index 0000000..d6092e6 --- /dev/null +++ b/templates/dnf-automatic-reboot.service @@ -0,0 +1,8 @@ +# Managed by ansible - role dnf-automatic + +[Unit] +Description={{ dnf_automatic_reboot_Description }} service + +[Service] +Type=oneshot +ExecStart={{ dnf_automatic_reboot_ExecStart }} diff --git a/templates/dnf-automatic-reboot.timer b/templates/dnf-automatic-reboot.timer new file mode 100644 index 0000000..836af5a --- /dev/null +++ b/templates/dnf-automatic-reboot.timer @@ -0,0 +1,11 @@ +# Managed by ansible - role dnf-automatic + +[Unit] +Description={{ dnf_automatic_reboot_Description }} timer + +[Timer] +OnCalendar={{ dnf_automatic_reboot_OnCalendar }} +AccuracySec={{ dnf_automatic_reboot_AccuracySec }} + +[Install] +WantedBy=timers.target