Initial commit

LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2017 HelloFresh
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

Readme.md

@@ -0,0 +1,24 @@
+# Ansible YUM
+
+Simple role to patch a Redhat/Centos system and install default packages.
+
+## Variables
+```yaml
+# default packages tp install comma seperated
+yum_default_packages                : ""
+
+# Force update (use probably from CLI)
+upgrade_now_force                   : False
+
+# Reboot after system update
+reboot_if_needed                    : True
+upgrade_now_pause_after_reboot      : 5
+
+# SSH port to wait for instance to come back after a reboot
+upgrade_now_ssh_port                : "{{ ansible_port | default(22) }}"
+```
+
+
+# License
+MIT
+

defaults/main.yml

@@ -0,0 +1,14 @@
+---
+
+# default packages tp install comma seperated
+yum_default_packages                : ""
+
+# Force update (use probably from CLI)
+upgrade_now_force                   : False
+
+# Reboot after system update
+reboot_if_needed                    : True
+upgrade_now_pause_after_reboot      : 5
+
+# SSH port to wait for instance to come back after a reboot
+upgrade_now_ssh_port                : "{{ ansible_port | default(22) }}"

meta/main.yml

@@ -0,0 +1,3 @@
+---
+
+dependencies: []

tasks/main.yml

@@ -0,0 +1,5 @@
+---
+
+- include: update.yml
+
+- include: packages.yml

tasks/packages.yml

@@ -0,0 +1,6 @@
+---
+
+- name: packages | Make sure the default packages are installed
+  apt:
+    name: "{{yum_default_packages|join(',')}}"
+    state: present

tasks/update.yml

@@ -0,0 +1,50 @@
+---
+
+- name: update | Check if first boot file exists
+  stat:
+    path="{{ upgrade_now_first_boot_file }}"
+  register: first_boot_stat
+
+- name: update | Update yum if first time or force
+  yum:
+    name: "*"
+    state: latest
+  register: yum_updated
+  when: not first_boot_stat.stat.exists or upgrade_now_force
+
+- name: update | Reboot now
+  shell: sleep 2 && shutdown -r now "Ansible updates triggered"
+  async: 1
+  poll: 0
+  when: yum_updated | changed and reboot_if_needed
+
+- name: update | Check and set if ansible_ssh_host is set
+  set_fact:
+      yum_ssh_hostname: "{{ ansible_ssh_host }}"
+  when: ansible_ssh_host is defined
+
+- name: update | if no ansible_ssh_host use inventory_hostname
+  set_fact:
+      yum_ssh_hostname: "{{ inventory_hostname }}"
+  when: ansible_ssh_host is not defined
+
+- name: update | Wait for ssh port to open again
+  wait_for:
+    port="22"
+    host="{{ yum_ssh_hostname }}"
+    delay=30
+    timeout=180
+    search_regex=OpenSSH
+  connection: local
+  become: False
+  when: yum_updated | changed
+
+- name: update | pause a little to ensure everything is running
+  pause:
+    seconds="{{ upgrade_now_pause_after_reboot }}"
+  when: yum_updated | changed
+
+- name: update | Touch file guard
+  copy:
+    content=""
+    dest="{{ upgrade_now_first_boot_file }}"

vars/main.yml

@@ -0,0 +1,2 @@
+---
+upgrade_now_first_boot_file     : "/var/local/ansible_yum_upgrade"