From da472689c1e83b721bb74e845aeb798b88a47802 Mon Sep 17 00:00:00 2001
From: Adham Helal
Date: Mon, 30 Jan 2017 15:40:27 +0100
Subject: [PATCH] Initial commit
---
LICENSE | 21 +++++++++++++++++++
Readme.md | 24 ++++++++++++++++++++++
defaults/main.yml | 14 +++++++++++++
meta/main.yml | 3 +++
tasks/main.yml | 5 +++++
tasks/packages.yml | 6 ++++++
tasks/update.yml | 50 ++++++++++++++++++++++++++++++++++++++++++++++
vars/main.yml | 2 ++
8 files changed, 125 insertions(+)
create mode 100644 LICENSE
create mode 100644 Readme.md
create mode 100644 defaults/main.yml
create mode 100644 meta/main.yml
create mode 100644 tasks/main.yml
create mode 100644 tasks/packages.yml
create mode 100644 tasks/update.yml
create mode 100644 vars/main.yml
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..514ac2b
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2017 HelloFresh
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
\ No newline at end of file
diff --git a/Readme.md b/Readme.md
new file mode 100644
index 0000000..5d39a8e
--- /dev/null
+++ b/Readme.md
@@ -0,0 +1,24 @@
+# Ansible YUM
+
+Simple role to patch a Redhat/Centos system and install default packages.
+
+## Variables
+```yaml
+# default packages tp install comma seperated
+yum_default_packages : ""
+
+# Force update (use probably from CLI)
+upgrade_now_force : False
+
+# Reboot after system update
+reboot_if_needed : True
+upgrade_now_pause_after_reboot : 5
+
+# SSH port to wait for instance to come back after a reboot
+upgrade_now_ssh_port : "{{ ansible_port | default(22) }}"
+```
+
+
+# License
+MIT
+
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..835d73c
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,14 @@
+---
+
+# default packages tp install comma seperated
+yum_default_packages : ""
+
+# Force update (use probably from CLI)
+upgrade_now_force : False
+
+# Reboot after system update
+reboot_if_needed : True
+upgrade_now_pause_after_reboot : 5
+
+# SSH port to wait for instance to come back after a reboot
+upgrade_now_ssh_port : "{{ ansible_port | default(22) }}"
diff --git a/meta/main.yml b/meta/main.yml
new file mode 100644
index 0000000..0f50759
--- /dev/null
+++ b/meta/main.yml
@@ -0,0 +1,3 @@
+---
+
+dependencies: []
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..83493dd
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,5 @@
+---
+
+- include: update.yml
+
+- include: packages.yml
diff --git a/tasks/packages.yml b/tasks/packages.yml
new file mode 100644
index 0000000..38c7da6
--- /dev/null
+++ b/tasks/packages.yml
@@ -0,0 +1,6 @@
+---
+
+- name: packages | Make sure the default packages are installed
+ apt:
+ name: "{{yum_default_packages|join(',')}}"
+ state: present
\ No newline at end of file
diff --git a/tasks/update.yml b/tasks/update.yml
new file mode 100644
index 0000000..c8f1e5e
--- /dev/null
+++ b/tasks/update.yml
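Review bot: The install task in tasks/packages.yml calls the `apt` module although the role is described as patching Red Hat/CentOS systems, so on a yum-based host it will most likely fail instead of installing anything; it should be `yum:`. The default in defaults/main.yml, `yum_default_packages : ""`, is a string, and `join(',')` applied to a string joins its individual characters, so a value written the way the README describes ("comma separated") would be mangled, and the empty default yields an empty `name`. Consider defaulting to `yum_default_packages: []`, documenting the variable as a list, and guarding the task with `when: yum_default_packages | length > 0`.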
@@ -0,0 +1,50 @@
+---
+
+- name: update | Check if first boot file exists
+ stat:
+ path="{{ upgrade_now_first_boot_file }}"
+ register: first_boot_stat
+
+- name: update | Update yum if first time or force
+ yum:
+ name: "*"
+ state: latest
+ register: yum_updated
+ when: not first_boot_stat.stat.exists or upgrade_now_force
+
+- name: update | Reboot now
+ shell: sleep 2 && shutdown -r now "Ansible updates triggered"
+ async: 1
+ poll: 0
+ when: yum_updated | changed and reboot_if_needed
+
+- name: update | Check and set if ansible_ssh_host is set
+ set_fact:
+ yum_ssh_hostname: "{{ ansible_ssh_host }}"
+ when: ansible_ssh_host is defined
+
+- name: update | if no ansible_ssh_host use inventory_hostname
+ set_fact:
+ yum_ssh_hostname: "{{ inventory_hostname }}"
+ when: ansible_ssh_host is not defined
+
+- name: update | Wait for ssh port to open again
+ wait_for:
+ port="22"
+ host="{{ yum_ssh_hostname }}"
+ delay=30
+ timeout=180
+ search_regex=OpenSSH
+ connection: local
+ become: False
+ when: yum_updated | changed
+
+- name: update | pause a little to ensure everything is running
+ pause:
+ seconds="{{ upgrade_now_pause_after_reboot }}"
+ when: yum_updated | changed
+
+- name: update | Touch file guard
+ copy:
+ content=""
+ dest="{{ upgrade_now_first_boot_file }}"
diff --git a/vars/main.yml b/vars/main.yml
new file mode 100644
index 0000000..1106a8f
--- /dev/null
+++ b/vars/main.yml
@@ -0,0 +1,2 @@
+---
+upgrade_now_first_boot_file : "/var/local/ansible_yum_upgrade"
\ No newline at end of file
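Review bot: The `wait_for` task in tasks/update.yml hard-codes `port="22"`, so the `upgrade_now_ssh_port` default added in this commit is never used and a host running sshd on another port would hit the 180-second timeout after the reboot; use `port="{{ upgrade_now_ssh_port }}"`. The wait and pause tasks are gated only on `yum_updated | changed`, while the reboot also requires `reboot_if_needed`, so with reboots disabled the play still sits through the 30-second delay and the updated kernel and libraries are not in use until something else restarts the host; adding `and reboot_if_needed` to both conditions and a comment on that trade-off would help. The guard file is written unconditionally by the last task, so every later run skips the `yum` update unless `upgrade_now_force` is set, which the README should state so the role is not mistaken for ongoing patching.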