diff options
Diffstat (limited to 'fdio.infra.ansible/roles/kernel/tasks/ubuntu_noble.yaml')
-rw-r--r-- | fdio.infra.ansible/roles/kernel/tasks/ubuntu_noble.yaml | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/fdio.infra.ansible/roles/kernel/tasks/ubuntu_noble.yaml b/fdio.infra.ansible/roles/kernel/tasks/ubuntu_noble.yaml new file mode 100644 index 0000000000..1702ecc07d --- /dev/null +++ b/fdio.infra.ansible/roles/kernel/tasks/ubuntu_noble.yaml @@ -0,0 +1,62 @@ +--- +# file: tasks/ubuntu_noble.yaml + +- name: "Get Available Kernel Versions" + ansible.builtin.command: "apt-cache showpkg linux-headers-*" + changed_when: false + register: apt_kernel_list + tags: + - kernel-inst + +- name: "Get installed packages with APT" + ansible.builtin.command: "dpkg -l" + changed_when: false + register: apt_packages_list + tags: + - kernel-inst + +- name: "Set target APT kernel version" + ansible.builtin.set_fact: + _kernel: "{{ apt_kernel_list | deb_kernel( + kernel_version, ansible_kernel) }}" + tags: + - kernel-inst + +- name: "Disable APT auto upgrade" + ansible.builtin.lineinfile: + path: "/etc/apt/apt.conf.d/20auto-upgrades" + state: "present" + regexp: "APT::Periodic::Unattended-Upgrade \"[0-9]\";" + line: "APT::Periodic::Unattended-Upgrade \"0\";" + create: true + mode: 0644 + tags: + - kernel-inst + +- name: "Ensure Packages Versions" + ansible.builtin.apt: + name: "{{ apt_kernel_list | deb_kernel_pkg( + kernel_version, ansible_kernel, ansible_distribution, + ansible_architecture, item) }}" + loop: "{{ kernel_packages }}" + tags: + - kernel-inst + +- name: "Ensure Any Other Kernel Packages Are Removed" + ansible.builtin.apt: + name: "{{ apt_packages_list | deb_installed_kernel( + apt_kernel_list, kernel_version, ansible_kernel) }}" + state: "absent" + purge: true + notify: + - "Reboot Server" + tags: + - kernel-inst + +- name: "Ensure Any Microcode Is Absent" + ansible.builtin.apt: + name: "{{ absent_packages }}" + state: "absent" + purge: true + tags: + - kernel-inst |