35 lines
974 B
YAML
35 lines
974 B
YAML
---
|
|
- name: Update apt cache
|
|
ansible.builtin.apt:
|
|
update_cache: yes
|
|
cache_valid_time: 3600
|
|
|
|
- name: Upgrade all packages and capture output
|
|
ansible.builtin.shell: |
|
|
apt-get update
|
|
apt-get upgrade -y
|
|
register: apt_upgrade
|
|
changed_when: false
|
|
|
|
- name: Determine upgrade message
|
|
ansible.builtin.set_fact:
|
|
upgrade_summary: >-
|
|
{% if '0 upgraded' in apt_upgrade.stdout %}
|
|
No packages were upgraded on {{ inventory_hostname }}.
|
|
{% else %}
|
|
The following packages were upgraded on {{ inventory_hostname }}:
|
|
|
|
{{ apt_upgrade.stdout }}
|
|
{% endif %}
|
|
|
|
- name: Email the upgrade summary using Gmail SMTP
|
|
ansible.builtin.mail:
|
|
host: smtp.gmail.com
|
|
port: 587
|
|
username: "{{ lookup('env', 'SMTP_USER') }}"
|
|
password: "{{ lookup('env', 'SMTP_PASS') }}"
|
|
to: "{{ gmail_recipient }}"
|
|
subject: "Debian Package Upgrade Report - {{ inventory_hostname }}"
|
|
body: "{{ upgrade_summary }}"
|
|
secure: starttls
|