wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-06-07 07:33:52 +02:00
Code Issues Projects Releases Wiki Activity

Split up unattended upgrades (#1041)

Browse source
This commit is contained in:
Jack Ivanov 2018-08-08 07:25:59 +03:00 committed by Dan Guido
parent b86ebe20d7
commit 53d1113881
5 changed files with 25 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
roles/common/templates/50unattended-upgrades.j2
View file

@ -2,9 +2,6 @@
Unattended-Upgrade::Allowed-Origins { Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}-security"; "${distro_id}:${distro_codename}-security";
"${distro_id}:${distro_codename}-updates"; "${distro_id}:${distro_codename}-updates";
{% if wireguard_enabled %}
"LP-PPA-wireguard-wireguard:${distro_codename}";
{% endif %}
// "${distro_id}:${distro_codename}-proposed"; // "${distro_id}:${distro_codename}-proposed";
// "${distro_id}:${distro_codename}-backports"; // "${distro_id}:${distro_codename}-backports";
}; };

4
roles/dns_encryption/files/50-dnscrypt-proxy-unattended-upgrades Normal file
View file

@ -0,0 +1,4 @@
// Automatically upgrade packages from these (origin:archive) pairs
Unattended-Upgrade::Allowed-Origins {
"LP-PPA-shevchuk-dnscrypt-proxy:${distro_codename}";
};

10
roles/dns_encryption/tasks/ubuntu.yml
View file

@ -8,13 +8,21 @@
until: result|succeeded until: result|succeeded
retries: 10 retries: 10
delay: 3 delay: 3
- name: Install dnscrypt-proxy - name: Install dnscrypt-proxy
apt: apt:
name: dnscrypt-proxy name: dnscrypt-proxy
state: latest state: latest
update_cache: true update_cache: true
- name: Configure unattended-upgrades
copy:
src: 50-dnscrypt-proxy-unattended-upgrades
dest: /etc/apt/apt.conf.d/50-dnscrypt-proxy-unattended-upgrades
owner: root
group: root
mode: 0644
- block: - block:
- name: Ubuntu | Unbound profile for apparmor configured - name: Ubuntu | Unbound profile for apparmor configured
copy: copy:

4
roles/wireguard/files/50-wireguard-unattended-upgrades Normal file
View file

@ -0,0 +1,4 @@
// Automatically upgrade packages from these (origin:archive) pairs
Unattended-Upgrade::Allowed-Origins {
"LP-PPA-wireguard-wireguard:${distro_codename}";
};

8
roles/wireguard/tasks/main.yml
View file

@ -14,6 +14,14 @@
state: present state: present
update_cache: true update_cache: true
- name: Configure unattended-upgrades
copy:
src: 50-wireguard-unattended-upgrades
dest: /etc/apt/apt.conf.d/50-wireguard-unattended-upgrades
owner: root
group: root
mode: 0644
- name: Ensure the required directories exist - name: Ensure the required directories exist
file: file:
dest: "{{ wireguard_config_path }}/{{ item }}" dest: "{{ wireguard_config_path }}/{{ item }}"