From 05df4f0c0403ea4486d627e6e80622b0e7ccb82d Mon Sep 17 00:00:00 2001
From: Jack Ivanov <e601809@gmail.com>
Date: Sun, 28 Aug 2016 22:11:39 +0300
Subject: [PATCH] unattended-upgrades moved to the security role

---
 roles/common/tasks/main.yml                           |  7 -------
 roles/security/tasks/main.yml                         | 11 +++++++++++
 roles/{common => security}/templates/10periodic.j2    |  0
 .../templates/50unattended-upgrades.j2                |  0
 4 files changed, 11 insertions(+), 7 deletions(-)
 rename roles/{common => security}/templates/10periodic.j2 (100%)
 rename roles/{common => security}/templates/50unattended-upgrades.j2 (100%)

diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 285fe6b..922bc75 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -46,16 +46,9 @@
     - coreutils
     - rsyslog
     - sendmail
-    - unattended-upgrades
     - iptables-persistent
     - cgroup-tools
 
-- name: Configure unattended-upgrades
-  template: src=50unattended-upgrades.j2 dest=/etc/apt/apt.conf.d/50unattended-upgrades owner=root group=root mode=0644
-
-- name: Periodic upgrades configured
-  template: src=10periodic.j2 dest=/etc/apt/apt.conf.d/10periodic owner=root group=root mode=0644
-
 - name: Loopback for services configured
   template: src=10-loopback-services.cfg.j2 dest=/etc/network/interfaces.d/10-loopback-services.cfg
   notify:
diff --git a/roles/security/tasks/main.yml b/roles/security/tasks/main.yml
index c46e041..7046e2c 100644
--- a/roles/security/tasks/main.yml
+++ b/roles/security/tasks/main.yml
@@ -1,3 +1,14 @@
+- name: Install tools
+  apt: name="{{ item }}" state=latest
+  with_items:
+    - unattended-upgrades
+    
+- name: Configure unattended-upgrades
+  template: src=50unattended-upgrades.j2 dest=/etc/apt/apt.conf.d/50unattended-upgrades owner=root group=root mode=0644
+
+- name: Periodic upgrades configured
+  template: src=10periodic.j2 dest=/etc/apt/apt.conf.d/10periodic owner=root group=root mode=0644    
+
 # Using a two-pass approach for checking directories in order to support symlinks.
 - name: Find directories for minimizing access
   stat:
diff --git a/roles/common/templates/10periodic.j2 b/roles/security/templates/10periodic.j2
similarity index 100%
rename from roles/common/templates/10periodic.j2
rename to roles/security/templates/10periodic.j2
diff --git a/roles/common/templates/50unattended-upgrades.j2 b/roles/security/templates/50unattended-upgrades.j2
similarity index 100%
rename from roles/common/templates/50unattended-upgrades.j2
rename to roles/security/templates/50unattended-upgrades.j2