Skip to content
This repository has been archived by the owner on Jun 25, 2023. It is now read-only.

tasks/main.yml: Only run on Debian-based distributions. #38

Closed
wants to merge 1 commit into from
Closed

tasks/main.yml: Only run on Debian-based distributions. #38

wants to merge 1 commit into from

Conversation

jpds
Copy link

@jpds jpds commented Sep 12, 2017

I run a mixed CentOS/Debian environment where all hosts are in a 'all' hosts playbook which skips tasks based on ansible_distribution logic.

This tiny branch adds this logic to the unattended-upgrades role.

@jnv
Copy link
Owner

jnv commented Sep 12, 2017

Thank you, though I wonder, shouldn't this be rather decided in the respective playbook where the role is included? You can do something like:

- hosts: all
  roles:
     - { role: jnv.unattended-upgrades, when: ansible_os_family == 'Debian' }

Though this may be supported only in Ansible 2.0+ – see docs.

@jpds
Copy link
Author

jpds commented Sep 12, 2017

Interesting, I wasn't aware that I could do that - I've added that to my playbook as well.

@conorsch
Copy link
Contributor

Good change, @jpds, I like this logic going into the role itself. However @jnv's ansible_os_family conditional is more succinct, and accurately targets all Debian-based derivatives. If you amend your PR to include that logic instead, +1 for merge from me.

@jnv
Copy link
Owner

jnv commented Jan 1, 2018

Honestly, I am not in favour of this addition since it burdens the role with an extra assumption which, while unlikely, may backfire. We have role's metadata and it is easy to target roles to a specific distribution, as I have mentioned above. I have no trouble adding the solution above to the README (perhaps start some section like Tips or FAQ), since Ansible's documentation apparently isn't clear on that.

@jnv jnv closed this in 6dcd740 Feb 10, 2021
@mietzen
Copy link

mietzen commented Feb 23, 2022

Edit2: Beware "Raspberry Pi OS 64Bit" is actually plain Debian Buster with Debian Buster sources...

I'm new to ansible, so I'm not sure if this is "common knowledge", but perhaps we could extend the example:

With lsb-release installed we could check the exact distro:

---
- name: Install lsb-release
  hosts: all
  become: true

  tasks:
    - name: Install lsb release
      apt: name=lsb-release update_cache=yes state=latest
      when:
        - ansible_os_family == "Debian"

- name: Unattended Upgrades
  hosts: all
  become: true

  roles:
  - role: jnv.unattended-upgrades
    unattended_remove_unused_dependencies: true
    unattended_automatic_reboot: true
    unattended_automatic_reboot_time: 04:00
    unattended_update_days: 6
    unattended_origins_patterns:
      - 'origin=Debian,codename=${distro_codename},label=Debian-Security'
      - 'o=Debian,codename=${distro_codename},label=Debian'
    when: 
      - ansible_lsb.id == "Debian"

  - role: jnv.unattended-upgrades
    unattended_remove_unused_dependencies: true
    unattended_automatic_reboot: true
    unattended_automatic_reboot_time: 04:00
    unattended_update_days: 6
    unattended_origins_patterns:
      - 'origin=Raspbian,codename=${distro_codename},label=Raspbian'
    when: 
      - ansible_distribution == "Debian"
      - ansible_lsb.id == "Raspbian"

  - role: jnv.unattended-upgrades
    unattended_remove_unused_dependencies: true
    unattended_automatic_reboot: true
    unattended_automatic_reboot_time: 04:00
    unattended_update_days: 6
    unattended_origins_patterns:
      - 'origin=Ubuntu,archive=${distro_codename}-security'
      - 'o=Ubuntu,a=${distro_codename}'
      - 'o=Ubuntu,a=${distro_codename}-updates'
    when: 
      - ansible_distribution == "Ubuntu"

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants