From 1b206517b68b5c93fd1ded4b97e51c9d57ac632d Mon Sep 17 00:00:00 2001 From: Timotej Lazar Date: Wed, 22 Oct 2025 18:44:05 +0200 Subject: [PATCH] alpine: enable automatic upgrades only for virtual machines And factor out VM stuff into a separate file. --- roles/alpine/tasks/main.yml | 29 +++-------------------------- roles/alpine/tasks/vm.yml | 25 +++++++++++++++++++++++++ 2 files changed, 28 insertions(+), 26 deletions(-) create mode 100644 roles/alpine/tasks/vm.yml diff --git a/roles/alpine/tasks/main.yml b/roles/alpine/tasks/main.yml index 9fce34c..4292d41 100644 --- a/roles/alpine/tasks/main.yml +++ b/roles/alpine/tasks/main.yml @@ -65,7 +65,6 @@ - acl - git - iproute2 - - logrotate - nftables - procps - rsync @@ -98,33 +97,11 @@ - meta: flush_handlers -- name: Enable QEMU guest agent - when: is_virtual - block: - - name: Install QEMU guest agent package - package: - name: qemu-guest-agent - - - name: Enable QEMU guest agent service - service: - name: qemu-guest-agent - enabled: yes - state: started - -- name: Install automatic upgrade script - copy: - dest: /etc/periodic/weekly/ - src: unattended-upgrade - mode: 0755 - -- name: Configure log rotation for automatic upgrades - copy: - dest: /etc/logrotate.d/unattended-upgrade - src: unattended-upgrade.logrotate - mode: 0644 - - name: Set authorized SSH keys authorized_key: user: root exclusive: true key: "{{ ssh_keys | join('\n') }}" + +- when: is_virtual + include_tasks: vm.yml diff --git a/roles/alpine/tasks/vm.yml b/roles/alpine/tasks/vm.yml new file mode 100644 index 0000000..45ce0af --- /dev/null +++ b/roles/alpine/tasks/vm.yml @@ -0,0 +1,25 @@ +- name: Install QEMU guest agent package + package: + name: qemu-guest-agent + +- name: Enable QEMU guest agent service + service: + name: qemu-guest-agent + enabled: yes + state: started + +- name: Install logrotate + package: + name: logrotate + +- name: Install automatic upgrade script + copy: + dest: /etc/periodic/weekly/ + src: unattended-upgrade + mode: "0755" + +- name: Configure log rotation for automatic upgrades + copy: + dest: /etc/logrotate.d/unattended-upgrade + src: unattended-upgrade.logrotate + mode: "0644"