An Ansible playbook that updates all nodes to the latest versions every week.

  1. Update the virtual nodes.
  2. Update the real nodes, one node at a time.
  3. Check whether a reboot is needed, node by node.

After the playbook has run, all nodes should be up-to-date and running.

Note: At the moment all nodes run a Debian distribution:

  • pve: Debian (Trixie) 13 - Proxmox
  • lxc: Debian (Trixie) 13 - virtual nodes
  • vm: Debian (Trixie) 13 - virtual nodes
  • raspi: Debian (Bookworm) 12 - Raspberry Pi 3B
---
- name: Upgrade virtual nodes playbook
  hosts: lxc, vm
  become: true
  gather_facts: false

  tasks:
    - name: Apt upgrade
      ansible.builtin.apt:
        upgrade: dist
        update_cache: true
        autoclean: true

- name: Upgrade real nodes playbook
  hosts: pve, raspi
  become: true
  gather_facts: false
  serial: 1  # upgrade one real node at a time

  tasks:
    - name: Apt upgrade
      ansible.builtin.apt:
        upgrade: dist
        update_cache: true
        autoclean: true

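- name: Check reboot playbook
  hosts: all
  become: true
  gather_facts: false
  serial: 1  # check and reboot one node at a time

  tasks:
    # The flag file is present when an installed package asked for a reboot.
    - name: Check reboot
      ansible.builtin.stat:
        path: /var/run/reboot-required
      register: required

    # Reboot only the nodes where the flag file exists.
    - name: Reboot
      ansible.builtin.reboot:
      when: required.stat.exists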
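
A way to check the statement that all nodes should be up-to-date and running after the run, as an added example that is not part of the original playbook. It is a separate verification play meant to be run afterwards; the play name and the registered variable names `pending` and `flag` are assumptions.

```yaml
---
# Added example: post-run verification, not part of the original playbook.
- name: Verify nodes after upgrade
  hosts: all
  become: true
  gather_facts: false

  tasks:
    - name: Confirm the node answers over the Ansible connection
      ansible.builtin.ping:

    # Uses the package lists already refreshed by the upgrade plays.
    # --simulate only prints what would happen and changes nothing.
    - name: Simulate a dist-upgrade
      ansible.builtin.command:
        cmd: apt-get --simulate dist-upgrade
      environment:
        LC_ALL: C
      register: pending
      changed_when: false

    - name: Look for a leftover reboot flag
      ansible.builtin.stat:
        path: /var/run/reboot-required
      register: flag

    # Each "Inst ..." line in the simulation is a package that would
    # still be installed or upgraded, so none may remain.
    - name: Fail the run if a node is behind or still waiting for a reboot
      ansible.builtin.assert:
        that:
          - pending.stdout_lines | select('match', '^Inst ') | list | length == 0
          - not flag.stat.exists
        fail_msg: "{{ inventory_hostname }} still has pending upgrades or a pending reboot"
        success_msg: "{{ inventory_hostname }} is up to date and needs no reboot"
```

A failed assertion marks the node as failed in the play recap, so a node with a missed patch or a skipped reboot shows up in the result of the weekly run.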