Automatic updates and security reboots.

These are meant for hosts with a public ip.
This commit is contained in:
Egon Rijpkema 2019-01-24 10:25:00 +01:00
parent 82231aa8ba
commit 1872a4edcf
1 changed files with 16 additions and 0 deletions

16
security.yml Normal file
View File

@ -0,0 +1,16 @@
---
- name: Install roles needed for exposed hosts
hosts: all
become: true
roles:
- geerlingguy.repo-epel
- geerlingguy.security
tasks:
- cron:
name: Reboot to load new kernel.
weekday: 1
minute: 45
hour: 11
user: root
job: /bin/needs-restarting -r >/dev/null 2>&1 || /sbin/shutdown -r +60 "restarting to apply updates"
cron_file: reboot