add Unattended-Upgrade

roles/common/tasks/main.yaml

@@ -0,0 +1,4 @@
+---
+
+# Install unattended Upgrades
+- import_tasks: updates.yaml

roles/common/tasks/updates.yaml

@@ -0,0 +1,36 @@
+---
+
+- name: Install unattended Upgrades
+  apt:
+    name:
+      - unattended-upgrades
+      - apt-listchanges
+    state: latest
+  notify: Record changes in etckeeper
+
+
+- name: update Package lists
+  cron:
+    name: update Package lists
+    hour: "{{3|random(seed=inventory_hostname+'updates')}}"
+    minute: "{{59|random(seed=inventory_hostname+'updates')}}"
+    job: /usr/bin/apt-get update > /dev/null
+
+
+- name: generate configs for unattended Upgrades
+  template:
+    src: "{{ item }}"
+    dest: "/etc/apt/apt.conf.d/{{ item }}"
+  with_items:
+    - 20auto-upgrades
+  notify: Record changes in etckeeper
+
+
+- name: configs unattended upgrades
+  template:
+    src: "{{ item }}"
+    dest: "/etc/apt/apt.conf.d/{{ item }}"
+  with_items:
+    - 50unattended-upgrades
+  notify: Record changes in etckeeper
+  when: Unattended_Upgrade == 1