From 3a6614f74ecc90ae7e3060541188bcad13133c9c Mon Sep 17 00:00:00 2001 From: Dmitry Ilvokhin Date: Sun, 23 Jun 2024 19:40:01 +0100 Subject: Introduce sysupgrade playbook Playbook sysupgrade.yml is a attempt to do automatic full system upgrade. Currently logic is completely automated for happy path. 1. Shutdown machine. 2. Take snapshot from the machine. 3. Power on machine back. 4. Update archlinux-keyring. 5. Upgrade everything. 6. Reboot. If something is working, then we are done. Otherwise, restore from snapshot manually and try to figure out what went wrong. --- roles/poweron/tasks/main.yml | 15 +++++++++++++++ roles/reboot/tasks/main.yml | 2 ++ roles/shutdown/tasks/main.yml | 2 ++ roles/snapshot/tasks/main.yml | 31 +++++++++++++++++++++++++++++++ roles/sysupgrade/tasks/main.yml | 9 +++++++++ 5 files changed, 59 insertions(+) create mode 100644 roles/poweron/tasks/main.yml create mode 100644 roles/reboot/tasks/main.yml create mode 100644 roles/shutdown/tasks/main.yml create mode 100644 roles/snapshot/tasks/main.yml create mode 100644 roles/sysupgrade/tasks/main.yml (limited to 'roles') diff --git a/roles/poweron/tasks/main.yml b/roles/poweron/tasks/main.yml new file mode 100644 index 0000000..7aac651 --- /dev/null +++ b/roles/poweron/tasks/main.yml @@ -0,0 +1,15 @@ +- name: Power on droplet + local_action: + module: ansible.builtin.uri + url: "{{ digitalocean_api_url }}/droplets/{{ droplet_id }}/actions" + method: POST + headers: + Content-Type: application/json + Authorization: Bearer {{ digitalocean_api_token }} + body_format: json + status_code: 201 + body: + type: power_on + +- name: Wait for host to back up + ansible.builtin.wait_for_connection: diff --git a/roles/reboot/tasks/main.yml b/roles/reboot/tasks/main.yml new file mode 100644 index 0000000..50d20e7 --- /dev/null +++ b/roles/reboot/tasks/main.yml @@ -0,0 +1,2 @@ +- name: Reboot host + ansible.builtin.reboot: diff --git a/roles/shutdown/tasks/main.yml b/roles/shutdown/tasks/main.yml new file mode 100644 index 0000000..39cdda5 --- /dev/null +++ b/roles/shutdown/tasks/main.yml @@ -0,0 +1,2 @@ +- name: Shutdown host + community.general.shutdown: diff --git a/roles/snapshot/tasks/main.yml b/roles/snapshot/tasks/main.yml new file mode 100644 index 0000000..a46e9d6 --- /dev/null +++ b/roles/snapshot/tasks/main.yml @@ -0,0 +1,31 @@ +- name: Make droplet snapshot + local_action: + module: ansible.builtin.uri + url: "{{ digitalocean_api_url }}/droplets/{{ droplet_id }}/actions" + method: POST + headers: + Content-Type: application/json + Authorization: Bearer {{ digitalocean_api_token }} + body_format: json + status_code: 201 + body: + type: snapshot + name: "{{ inventory_hostname_short }}-\ + {{ (now(utc=true).timestamp() * 1000) | int }}" + register: snapshot + +- name: Wait for droplet snapshot to finish + local_action: + module: ansible.builtin.uri + url: "{{ digitalocean_api_url }}/droplets/{{ droplet_id }}\ + /actions/{{ snapshot.json.action.id }}" + method: GET + headers: + Content-Type: application/json + Authorization: Bearer {{ digitalocean_api_token }} + body_format: json + status_code: 200 + register: snapshot_info + until: snapshot_info.json.action.completed_at != None + retries: 16 + delay: 60 diff --git a/roles/sysupgrade/tasks/main.yml b/roles/sysupgrade/tasks/main.yml new file mode 100644 index 0000000..77f2b1c --- /dev/null +++ b/roles/sysupgrade/tasks/main.yml @@ -0,0 +1,9 @@ +- name: Update archlinux-keyring + ansible.builtin.package: + name: archlinux-keyring + state: latest + +- name: Upgrade all packages in the system + community.general.pacman: + update_cache: yes + upgrade: yes -- cgit v1.2.3-70-g09d2