From bc543fdb3e8ea26f0b3d3248517649cebc37148a Mon Sep 17 00:00:00 2001
From: Sven Velt <sven@velt.de>
Date: Sun, 7 Jul 2024 11:32:25 +0000
Subject: [PATCH] Initial commit

---
 .gitignore          |  3 +++
 meta/main.yml       | 51 +++++++++++++++++++++++++++++++++++++++++++++
 securityupdates.yml |  7 +++++++
 tasks/main.yml      | 38 +++++++++++++++++++++++++++++++++
 4 files changed, 99 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 meta/main.yml
 create mode 100644 securityupdates.yml
 create mode 100644 tasks/main.yml

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a204212
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+.*.swp
+*~
+
diff --git a/meta/main.yml b/meta/main.yml
new file mode 100644
index 0000000..1b7f281
--- /dev/null
+++ b/meta/main.yml
@@ -0,0 +1,51 @@
+---
+dependencies: []
+
+galaxy_info:
+  author: Sven Velt
+  description: Install (security) updates
+  company: velt.biz
+  galaxy_tags:
+    - security
+  issue_tracker_url: https://git.velt.biz/Ansible/role.securityupdates/issues
+  license: AGPL-3.0-or-later
+  min_ansible_version: 2.9
+  platforms:
+    - name: Debian
+      versions:
+        - stretch
+        - buster
+        - bullseye
+        - bookworm
+        - trixie
+    - name: Ubuntu
+      versions:
+        - trusty
+        - xenial
+        - bionic
+        - focal
+        - groovy
+        - hirsute
+        - impish
+        - lunar
+        - mantic
+        - noble
+        - oracular
+    - name: Fedora
+      versions:
+        - 33
+        - 34
+        - 35
+        - 36
+        - 37
+        - 38
+        - 39
+        - 40
+    - name: EL
+      versions:
+        - 6
+        - 7
+        - 8
+        - 9
+  version: 0.2024.07.06
+
diff --git a/securityupdates.yml b/securityupdates.yml
new file mode 100644
index 0000000..2bc45ce
--- /dev/null
+++ b/securityupdates.yml
@@ -0,0 +1,7 @@
+---
+- hosts: all
+
+  roles:
+    - role: securityupdates
+      when: securityupdates|default(true) != false
+
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..a90026e
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,38 @@
+---
+- name: Sanity check
+  assert:
+    that: ansible_pkg_mgr in ["apk", "apt", "dnf", "pacman", "xbps", "yum", "zypper"]
+    msg: 'Unsupported package manager "{{ ansible_pkg_mgr }}"'
+
+##############################################################################
+
+- name: Update index files
+  package:
+    update_cache: true
+  # when: ansible_pkg_mgr not in []
+
+##############################################################################
+
+- name: Void -- Pre-Update xbps
+  package:
+    upgrade_xbps: true
+  when: ansible_pkg_mgr == "xbps"
+
+##############################################################################
+
+- name: Debian -- Dist-Upgrade packages
+  package:
+    upgrade: dist
+  when: ansible_pkg_mgr == "apt"
+
+- name: ArchLinux/Voidlinux -- Upgrade whole system
+  package:
+    upgrade: yes
+  when: ansible_pkg_mgr in ["apk", "pacman", "xbps"]
+
+- name: Others -- Upgrade all packages
+  package:
+    name: "*"
+    state: latest
+  when: ansible_pkg_mgr not in ["apk", "apt", "pacman", "xbps"]
+