Last active
May 10, 2026 10:44
-
-
Save brootware/9061c5c72fdb2f82b5c23739d161b57e to your computer and use it in GitHub Desktop.
Quick and simple ansible play to test out on your own local host
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ansible-playbook debian_patch.yml -K -vv --become-method=su | |
| --- | |
| - name: Local plays | |
| hosts: localhost | |
| gather_facts: yes | |
| become: true | |
| tasks: | |
| - name: Update apt cache | |
| apt: | |
| update_cache: yes | |
| when: ansible_facts['os_family']== "Debian" | |
| - name: Upgrade all installed packages | |
| apt: | |
| upgrade: dist | |
| allow_unauthenticated: yes | |
| when: ansible_facts['os_family'] == "Debian" | |
| - name: Auto remove unused packages | |
| apt: | |
| autoremove: yes | |
| when: ansible_facts['os_family'] == "Debian" | |
| - name: Check for presence of reboot status file. | |
| stat: | |
| path: /var/run/reboot-required | |
| register: reboot_status_file | |
| - name: Check file status of crypttab for LUKs encryption | |
| stat: | |
| path: /etc/crypttab | |
| register: crypttab_status | |
| - name: Debug crypttab | |
| debug: | |
| msg: "{{ crypttab_status }}" | |
| - name: Prompt the user reboot is required if required and LUKs encryption exist. | |
| debug: | |
| msg: "A manual reboot is required for this machine as there is LUKs encryption." | |
| when: reboot_status_file.stat.exists and crypttab_status.stat.exists == true | |
| - name: Reboot the machine if no LUKs encryption. | |
| reboot: | |
| msg: "Rebooting the machine as updates have been applied." | |
| reboot_timeout: 600 | |
| when: crypttab_status.stat.exists == false |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # To run this ansible-playbook localplay.yml -K -vv --become-method=su | |
| - name: Local plays | |
| hosts: localhost | |
| gather_facts: yes | |
| become: true | |
| tasks: | |
| - name: print out all details from gathered facts | |
| ansible.builtin.debug: | |
| msg: "{{ ansible_facts }}" | |
| - name: update apt cache | |
| ansible.builtin.apt: | |
| update_cache: yes | |
| when: ansible_facts['os_family'] == "Debian" | |
| # You can add in more plays here to test out. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # To run this ansible-playbook sudo_ws.yml --ask-become-pass | |
| - name: Local plays | |
| hosts: localhost | |
| gather_facts: yes | |
| # become: true | |
| tasks: | |
| - name: print out all details from gathered facts | |
| ansible.builtin.debug: | |
| msg: "{{ ansible_facts }}" | |
| - name: Tasks to work around ansible become on ubuntu 26. https://www.reddit.com/r/ansible/comments/1t6ie61/comment/okmoiv5/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button | |
| block: | |
| - name: Find the absolute path of the sudo binary | |
| ansible.builtin.command: which sudo | |
| register: sudo_path | |
| changed_when: false | |
| when: ansible_facts['distribution'] == "Ubuntu" | |
| - name: Configure sudo privilege escalation for Ubuntu | |
| ansible.builtin.blockinfile: | |
| path: "{{ ansible_facts['env']['HOME'] }}/.ansible.cfg" | |
| create: yes | |
| mode: '0644' | |
| block: | | |
| [privilege_escalation] | |
| become_exe = {{ sudo_path.stdout }} | |
| when: ansible_facts['distribution'] == "Ubuntu" and sudo_path.rc == 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment