2026-04-29 23:14:14 +00:00
|
|
|
---
|
|
|
|
|
- name: Apply Security Patches and Updates
|
|
|
|
|
hosts: all
|
|
|
|
|
become: true
|
|
|
|
|
gather_facts: true
|
2026-05-03 22:31:04 +00:00
|
|
|
vars_files:
|
|
|
|
|
- vars/vault.yml
|
2026-04-29 23:14:14 +00:00
|
|
|
|
|
|
|
|
pre_tasks:
|
2026-05-03 22:31:04 +00:00
|
|
|
- name: Validate patch prerequisites
|
|
|
|
|
ansible.builtin.assert:
|
|
|
|
|
that:
|
|
|
|
|
- ansible_os_family == "Debian"
|
|
|
|
|
fail_msg: "Patching supported only on Debian-based systems"
|
|
|
|
|
|
|
|
|
|
- name: Display patch information
|
|
|
|
|
ansible.builtin.debug:
|
|
|
|
|
msg: |
|
|
|
|
|
Patching {{ inventory_hostname }}
|
|
|
|
|
Patch Window: {{ patch_window_start }} - {{ patch_window_end }}
|
|
|
|
|
Security Only: {{ patch_security_only }}
|
|
|
|
|
|
|
|
|
|
roles:
|
|
|
|
|
- role: patching
|
|
|
|
|
tags: ['patch', 'updates']
|
2026-04-29 23:14:14 +00:00
|
|
|
|
|
|
|
|
post_tasks:
|
2026-05-03 22:31:04 +00:00
|
|
|
- name: Display patching summary
|
|
|
|
|
ansible.builtin.debug:
|
|
|
|
|
msg: |
|
|
|
|
|
Patching completed!
|
|
|
|
|
Host: {{ inventory_hostname }}
|
|
|
|
|
Reboot Required: {{ reboot_required | default(false) }}
|
