From 3655e491d806fcf868f75a4f35f680d6e085d891 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Sachse?= <joerg.sachse@slub-dresden.de> Date: Thu, 16 May 2024 16:24:47 +0200 Subject: [PATCH] feat: add auto-cleanup for unattended-upgrades --- tasks/configure_autoupdate.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tasks/configure_autoupdate.yml b/tasks/configure_autoupdate.yml index caf9885..834cdb7 100644 --- a/tasks/configure_autoupdate.yml +++ b/tasks/configure_autoupdate.yml @@ -33,6 +33,7 @@ loop: - 'APT::Periodic::Update-Package-Lists "1";' - 'APT::Periodic::Unattended-Upgrade "1";' + - 'APT::Periodic::AutocleanInterval "7";' - name: configure unattended upgrade mail settings ansible.builtin.lineinfile: path: "/etc/apt/apt.conf.d/90unattended-upgrades-mail" @@ -50,6 +51,20 @@ ansible.builtin.file: path: "/etc/apt/apt.conf.d/51only-security-upgrades" state: absent + - name: cleanup after apt + ansible.builtin.lineinfile: + path: "/etc/apt/apt.conf.d/50unattended-upgrades" + create: true + mode: "0644" + regexp: "{{ item.regexp }}" + line: "{{ item.line }}" + loop: + - regexp: '//Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";' + line: 'Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";' + - regexp: '//Unattended-Upgrade::Remove-New-Unused-Dependencies "true";' + line: 'Unattended-Upgrade::Remove-New-Unused-Dependencies "true";' + - regexp: '//Unattended-Upgrade::Remove-Unused-Dependencies "false";' + line: 'Unattended-Upgrade::Remove-Unused-Dependencies "false";' # based on: https://access.redhat.com/solutions/2823901 - name: Install & configurate autoupdate (RedHat) -- GitLab