Add files and update files

Cron

@@ -0,0 +1,19 @@
+crontab -e -u ansible
+
+#This is a template, update the path dummy
+0 23 1-7 * 5 [ "$(date '+\%a')" = "Fri" ] && /usr/bin/ansible-playbook -u ansible -i /path/to/inventory.ini -l PreProd /path/to/ubuntu_updates_preprod.yaml > preprod.log
+0 23 8-14 * 5 [ "$(date '+\%a')" = "Fri" ] && /usr/bin/ansible-playbook -u ansible -i /path/to/inventory.ini -l Infrastructure /path/to/ubuntu_updates.yaml > infrastructure.log
+0 23 15-21 * 5 [ "$(date '+\%a')" = "Fri" ] && /usr/bin/ansible-playbook -u ansible -i /path/to/inventory.ini -l Prod /path/to/ubuntu_updates.yaml > Prod.log
+0 23 22-29 * 5 [ "$(date '+\%a')" = "Fri" ] && /usr/bin/ansible-playbook -u ansible -i /path/to/inventory.ini -l ControlNode /path/to/ubuntu_updates.yaml > ControlNode.log
+
+
+
+/home/ansible@AD.HAGOOD.US/
+
+0 23 1-7 * 5 [ "$(date '+\%a')" = "Fri" ] && /usr/bin/ansible-playbook -u ansible -i /home/ansible@AD.HAGOOD.US/inventory.ini -l PreProd /home/ansible@AD.HAGOOD.US/ubuntu_updates_preprod.yaml > preprod.log
+0 23 8-14 * 5 [ "$(date '+\%a')" = "Fri" ] && /usr/bin/ansible-playbook -u ansible -i /home/ansible@AD.HAGOOD.US/inventory.ini -l Infrastructure /home/ansible@AD.HAGOOD.US/ubuntu_updates.yaml > infrastructure.log
+0 23 15-21 * 5 [ "$(date '+\%a')" = "Fri" ] && /usr/bin/ansible-playbook -u ansible -i /home/ansible@AD.HAGOOD.US/inventory.ini -l Prod /home/ansible@AD.HAGOOD.US/ubuntu_updates.yaml > Prod.log
+0 23 22-29 * 5 [ "$(date '+\%a')" = "Fri" ] && /usr/bin/ansible-playbook -u ansible -i /home/ansible@AD.HAGOOD.US/inventory.ini -l ControlNode /home/ansible@AD.HAGOOD.US/ubuntu_updates.yaml > ControlNode.log
+
+
+0 11 * * * /usr/bin/ansible-playbook -u ansible -i /home/ansible@AD.HAGOOD.US/inventory.ini -l PreProd /home/ansible@AD.HAGOOD.US/ubuntu_updates_preprod.yaml --check > preprod.log

Playbooks/Inventory.yaml

@@ -2,7 +2,14 @@
 automationtest ansible_host=10.50.150.77
 
 
-[test2]
-ansible ansible_host=10.50.150.220
+[ControlNode]
+ansible.ad.hagood.us 
 
-[test3]
+[PreProd]
+preprod.ad.hagood.us
+
+[Infrastructure]
+infrastructure.ad.hagood.us
+
+[Prod]
+prod.ad.hagood.us

Playbooks/Ubuntu_updates.yaml

@@ -1,58 +1,3 @@
-hosts: test1:test2
-become: true
-tasks:
-name: Update all packages
-apt:
-update_cache: yes
-upgrade: dist
-
----
-- name: Check for system reboot
-  hosts: all
-  gather_facts: true
-  tasks:
-    - name: Check if reboot is required
-      command: 'grep -q "reboot required" /var/run/reboot-required'
-      register: "*** System restart required ***"
-    - name: Set reboot_required variable
-      set_fact:
-        reboot_required: "true"
-      when: reboot_check.rc == 0
-
-    - name: Reboot the system if required
-      command: reboot
-      when: reboot_required == "true"
-
-    - name: Wait for the system to come back after reboot
-      wait_for:
-        timeout: 600
-        host: "{{ ansible_host }}"
-        port: 22
-        state: started
-      when: reboot_required == "true"
-
-
-- name: Check for reboot and reboot the system if required
-  hosts: all
-  gather_facts: true
-  tasks:
-    - name: Check for reboot required
-      command: systemctl list-jobs | grep reboot
-      register: reboot_check
-
-    - name: Set reboot_required variable
-      set_fact:
-        reboot_required: "true"
-      when: reboot_check.rc == 0
-
-
-
-
-
-
-
-
-
 ---
 - hosts: all
   gather_facts: yes
@@ -63,6 +8,14 @@ upgrade: dist
       ansible.builtin.apt:
         upgrade: dist
         update_cache: yes
+    
+    - name: Install updates from pre-production systems
+      apt:
+        name: "{{ item.split('=')[0] }}"
+        version: "{{ item.split('=')[1] }}"
+        state: latest
+      with_lines:
+        - cat /local/path/to/updates.txt
 
     - name: Check if a reboot is required.
       ansible.builtin.stat:

Playbooks/Ubuntu_updates.yaml.old

@@ -0,0 +1,79 @@
+hosts: all
+become: true
+tasks:
+name: Update all packages
+apt:
+update_cache: yes
+upgrade: dist
+
+---
+- name: Check for system reboot
+  hosts: all
+  gather_facts: true
+  tasks:
+    - name: Check if reboot is required
+      command: 'grep -q "reboot required" /var/run/reboot-required'
+      register: "*** System restart required ***"
+    - name: Set reboot_required variable
+      set_fact:
+        reboot_required: "true"
+      when: reboot_check.rc == 0
+
+    - name: Reboot the system if required
+      command: reboot
+      when: reboot_required == "true"
+
+    - name: Wait for the system to come back after reboot
+      wait_for:
+        timeout: 600
+        host: "{{ ansible_host }}"
+        port: 22
+        state: started
+      when: reboot_required == "true"
+
+
+- name: Check for reboot and reboot the system if required
+  hosts: all
+  gather_facts: true
+  tasks:
+    - name: Check for reboot required
+      command: systemctl list-jobs | grep reboot
+      register: reboot_check
+
+    - name: Set reboot_required variable
+      set_fact:
+        reboot_required: "true"
+      when: reboot_check.rc == 0
+
+
+
+
+
+
+
+
+
+---
+- hosts: all
+  gather_facts: yes
+  become: yes
+
+  tasks:
+    - name: Perform a dist-upgrade.
+      ansible.builtin.apt:
+        upgrade: dist
+        update_cache: yes
+
+    - name: Check if a reboot is required.
+      ansible.builtin.stat:
+        path: /var/run/reboot-required
+        get_md5: no
+      register: reboot_required_file
+
+    - name: Reboot the server (if required).
+      ansible.builtin.reboot:
+      when: reboot_required_file.stat.exists == true
+
+    - name: Remove dependencies that are no longer required.
+      ansible.builtin.apt:
+        autoremove: yes

Playbooks/Ubuntu_updates_preprod.yaml

@@ -0,0 +1,34 @@
+---
+- hosts: all
+  gather_facts: yes
+  become: yes
+
+  tasks:
+    - name: Perform a dist-upgrade.
+      ansible.builtin.apt:
+        upgrade: dist
+        update_cache: yes
+
+    - name: Generate list of updated packages
+      shell: dpkg --list | grep "^ii" | awk '{print $2"="$3}' > /home/ansible@AD.HAGOOD.US/updates.txt      
+
+    - name: Copy updates list to control node
+      fetch:
+        src: /home/ansible@AD.HAGOOD.US/updates.txt
+        dest: /home/ansible@AD.HAGOOD.US/updates.txt
+        flat: yes
+      delegate_to: preprod-group
+
+    - name: Check if a reboot is required.
+      ansible.builtin.stat:
+        path: /var/run/reboot-required
+        get_md5: no
+      register: reboot_required_file
+
+    - name: Reboot the server (if required).
+      ansible.builtin.reboot:
+      when: reboot_required_file.stat.exists == true
+
+    - name: Remove dependencies that are no longer required.
+      ansible.builtin.apt:
+        autoremove: yes

Playbooks/Ubuntu_updates_test.yaml

@@ -0,0 +1,62 @@
+---
+- name: Update packages on Ubuntu servers
+  hosts: all
+  gather_facts: yes
+  become: yes
+
+  tasks:
+    - name: Perform a dist-upgrade.
+      ansible.builtin.apt:
+        upgrade: dist
+        update_cache: yes
+
+    - name: Generate list of updated packages
+      shell: dpkg --list | grep "^ii" | awk '{print $2"="$3}' > /home/ansible@AD.HAGOOD.US/updates.txt      
+
+    - name: Copy updates list to control node
+      fetch:
+        src: /home/ansible@AD.HAGOOD.US/updates.txt
+        dest: /home/ansible@AD.HAGOOD.US/updates.txt
+        flat: yes
+      delegate_to: preprod-group
+
+    - name: Check if a reboot is required.
+      ansible.builtin.stat:
+        path: /var/run/reboot-required
+        get_md5: no
+      register: reboot_required_file
+
+    - name: Reboot the server (if required).
+      ansible.builtin.reboot:
+      when: reboot_required_file.stat.exists == true
+
+    - name: Remove dependencies that are no longer required.
+      ansible.builtin.apt:
+        autoremove: yes
+
+    - name: Append update and reboot information to a text file
+      lineinfile:
+        path: "/path/to/{{ inventory_hostname }}_update_log.txt"
+        line: |
+          *** Starting Check for Updates ***
+          Updates installed on {{ ansible_date_time.date }} at {{ ansible_date_time.time }}
+          Updated Packages:
+          {% for package in updated_packages.stdout_lines %}
+          - {{ package }}
+          {% endfor %}
+          Update Result: {{ 'Successful' if package_update_result.changed else 'Failed' }}
+          Reboot Required: {{ 'Yes' if reboot_required.changed else 'No' }}
+          ***********************************************************
+          Process_Complete
+        create: yes
+        insertafter: EOF
+
+    - name: Copy update log to local machine
+      copy:
+        src: "/path/to/{{ inventory_hostname }}_update_log.txt"
+        dest: "/local/path/to/{{ inventory_hostname }}_update_log.txt"
+
+#    - name: Copy update log to network shared drive
+#      copy:
+#        src: "/path/to/{{ inventory_hostname }}_update_log.txt"
+#        dest: "/network/shared/drive/{{ inventory_hostname }}_update_log.txt"

Todo

@@ -0,0 +1,39 @@
+Add reports
+#group variables
+group_vars:
+  preprod-group:
+    report_file: "/path/to/preprod_report.txt"
+  infrastructure-group:
+    report_file: "/path/to/infrastructure_report.txt"
+  production-group:
+    report_file: "/path/to/production_report.txt"
+
+#playbook
+- name: Generate update report
+  shell: echo "Server: {{ inventory_hostname }} - Update status: {{ update_result.changed | ternary('Success', 'Failure') }}" >> "{{ hostvars[inventory_hostname]['report_file'] }}"
+  delegate_to: localhost
+  run_once: true
+
+- name: Generate installation report
+  shell: echo "Server: {{ inventory_hostname }} - Installation status: {{ install_result.changed | ternary('Success', 'Failure') }}" >> "{{ hostvars[inventory_hostname]['report_file'] }}"
+  delegate_to: localhost
+  run_once: true
+
+
+
+
+Email reports
+#playbook
+- name: Email report files
+  command: "echo | mail -s 'Server Update Report' -a {{ hostvars[inventory_hostname]['report_file'] }} your-email@example.com"
+  delegate_to: localhost
+  run_once: true
+
+
+
+
+#reporting
+Patching started
+  list time and date
+  List machines that patches where installed
+  

commands

@@ -0,0 +1,2 @@
+#install mail on control node
+sudo apt-get install mailutils