From e5ca62e624e6250d8fa67707902f328f1f5b4592 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Th=C3=A9o=20-=20Le=20Filament?= <theo@le-filament.com>
Date: Thu, 1 Jun 2023 18:31:55 +0200
Subject: [PATCH] fix(apt): ensure that apt auto upgrades are enabled

---
 files/apt-auto-upgrades |  2 ++
 tasks/main.yml          | 13 +++++++++++--
 2 files changed, 13 insertions(+), 2 deletions(-)
 create mode 100644 files/apt-auto-upgrades

diff --git a/files/apt-auto-upgrades b/files/apt-auto-upgrades
new file mode 100644
index 0000000..8d6d7c8
--- /dev/null
+++ b/files/apt-auto-upgrades
@@ -0,0 +1,2 @@
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Unattended-Upgrade "1";
diff --git a/tasks/main.yml b/tasks/main.yml
index 3783e2a..85366fc 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -15,7 +15,7 @@
 - name: Never include APT phased update
   copy:
     src: apt-phased-updates
-    dest:  /etc/apt/apt.conf.d/99-Phased-Updates
+    dest: /etc/apt/apt.conf.d/99-Phased-Updates
     owner: root
     group: root
     mode: '0644'
@@ -82,7 +82,7 @@
 - name: Copy nosnap file
   copy:
     src: nosnap
-    dest:  /etc/apt/preferences.d/nosnap
+    dest: /etc/apt/preferences.d/nosnap
     owner: root
     group: root
     mode: '0644'
@@ -104,6 +104,15 @@
   when: ansible_os_family == "Debian" and inventory_hostname in groups.maintenance_contract
   tags: unattended-upgrade
 
+- name: enable apt auto upgrades
+  copy:
+    src: apt-auto-upgrades
+    dest: /etc/apt/apt.conf.d/20auto-upgrades
+    owner: root
+    group: root
+    mode: '0644'
+  when: ansible_os_family == "Debian"
+
 - name: Copy Unattended Upgrades configuration
   template:
     src: 'apt-unattended-upgrades.j2'
-- 
GitLab