From 5318e4addc9db409f0541363d41af6a3013f27d0 Mon Sep 17 00:00:00 2001
From: Knut Ahlers <knut@ahlers.me>
Date: Fri, 3 Jul 2015 23:39:37 +0200
Subject: [PATCH] Initial version

---
 defaults/main.yml     |  5 +++++
 files/20auto-upgrades |  2 ++
 tasks/main.yml        | 41 +++++++++++++++++++++++++++++++++++++++++
 3 files changed, 48 insertions(+)
 create mode 100644 defaults/main.yml
 create mode 100644 files/20auto-upgrades
 create mode 100644 tasks/main.yml

diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..4b6262e
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+mail_target: "mail@example.com"
+reboot_time: "04:00"
+do_reboot: "true"
+do_autoremove: "false"
diff --git a/files/20auto-upgrades b/files/20auto-upgrades
new file mode 100644
index 0000000..8d6d7c8
--- /dev/null
+++ b/files/20auto-upgrades
@@ -0,0 +1,2 @@
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Unattended-Upgrade "1";
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..d66d403
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,41 @@
+---
+
+- name: Install required packages for autoupdate
+  apt: name={{ item }} update_cache=yes
+  with_items:
+    - unattended-upgrades
+    - update-notifier-common
+    - sendmail
+
+- name: Add configuration file
+  copy: dest=/etc/apt/apt.conf.d/20auto-upgrades src=20auto-upgrades
+
+- name: Configure mail target for Unattended Upgrade
+  lineinfile: line="Unattended-Upgrade::Mail \"{{mail_target}}\";"
+  args:
+    dest: /etc/apt/apt.conf.d/50unattended-upgrades
+    regexp: '^(//)?Unattended-Upgrade::Mail '
+
+- name: Set auto-reboot-time for Unattended Upgrade
+  lineinfile: line="Unattended-Upgrade::Automatic-Reboot-Time \"{{reboot_time}}\";"
+  args:
+    dest: /etc/apt/apt.conf.d/50unattended-upgrades
+    regexp: '^(//)?Unattended-Upgrade::Automatic-Reboot-Time '
+
+- name: Set auto-reboot for Unattended Upgrade
+  lineinfile: line="Unattended-Upgrade::Automatic-Reboot \"{{do_reboot}}\";"
+  args:
+    dest: /etc/apt/apt.conf.d/50unattended-upgrades
+    regexp: '^(//)?Unattended-Upgrade::Automatic-Reboot '
+
+- name: Set autoremove for Unattended Upgrade
+  lineinfile: line="Unattended-Upgrade::Remove-Unused-Dependencies \"{{do_autoremove}}\";"
+  args:
+    dest: /etc/apt/apt.conf.d/50unattended-upgrades
+    regexp: '^(//)?Unattended-Upgrade::Remove-Unused-Dependencies '
+
+- name: Enable normal updates
+  lineinfile: line='    "${distro_id}:${distro_codename}-updates";'
+  args:
+    dest: /etc/apt/apt.conf.d/50unattended-upgrades
+    regexp: '\$\{distro_id\}:\$\{distro_codename\}-updates'