2023-02-02 09:02:48 +01:00
|
|
|
#+TITLE: Move fast and break things
|
|
|
|
#+DATE: 2023-02-02
|
2023-02-02 09:03:53 +01:00
|
|
|
I'll just leave this here...
|
2023-02-02 09:02:48 +01:00
|
|
|
#+begin_src yaml
|
|
|
|
#! /usr/bin/env ansible-playbook
|
2023-02-02 13:25:45 +01:00
|
|
|
- hosts: OpenBSD:!dns
|
2023-02-02 09:02:48 +01:00
|
|
|
gather_facts: False
|
|
|
|
tasks:
|
|
|
|
- name: run sysupgrade
|
|
|
|
ansible.builtin.command:
|
|
|
|
cmd: 'sysupgrade -s'
|
|
|
|
ignore_errors: yes
|
|
|
|
async: 3600
|
|
|
|
poll: 0
|
|
|
|
|
2023-02-02 13:25:45 +01:00
|
|
|
- hosts: dns:!ansible_orchestrator
|
2023-02-02 09:02:48 +01:00
|
|
|
gather_facts: False
|
2023-02-02 13:25:45 +01:00
|
|
|
serial: 1
|
2023-02-02 09:02:48 +01:00
|
|
|
tasks:
|
|
|
|
- name: run sysupgrade -n
|
|
|
|
ansible.builtin.command:
|
|
|
|
cmd: 'sysupgrade -ns'
|
|
|
|
|
|
|
|
- name: check for /bsd.upgrade
|
|
|
|
ansible.builtin.stat:
|
|
|
|
path: /bsd.upgrade
|
|
|
|
register: upgrade_pending
|
|
|
|
|
|
|
|
- name: reboot and wait for host to return
|
|
|
|
block:
|
|
|
|
- name: schedule reboot in 1 minute
|
|
|
|
ansible.builtin.command:
|
|
|
|
cmd: 'shutdown -r +1'
|
|
|
|
- name: wait for ssh to go away
|
|
|
|
ansible.builtin.wait_for:
|
|
|
|
host: '{{ (ansible_ssh_host|default(ansible_host))|default(inventory_hostname) }}'
|
|
|
|
port: 22
|
|
|
|
state: stopped
|
|
|
|
delay: 10
|
|
|
|
vars:
|
|
|
|
ansible_connection: local
|
2023-02-02 13:25:45 +01:00
|
|
|
|
2023-02-02 09:02:48 +01:00
|
|
|
- name: wait for DNS to come back.
|
|
|
|
ansible.builtin.wait_for:
|
|
|
|
state: started
|
|
|
|
host: '{{ (ansible_ssh_host|default(ansible_host))|default(inventory_hostname) }}'
|
|
|
|
port: 53
|
|
|
|
delay: 10
|
|
|
|
vars:
|
|
|
|
ansible_connection: local
|
|
|
|
when: upgrade_pending.stat.exists
|
|
|
|
|
2023-02-02 13:25:45 +01:00
|
|
|
- hosts: ansible_orchestrator
|
2023-02-02 09:02:48 +01:00
|
|
|
gather_facts: False
|
|
|
|
tasks:
|
|
|
|
- name: run sysupgrade
|
|
|
|
ansible.builtin.command:
|
|
|
|
cmd: 'sysupgrade -s'
|
|
|
|
ignore_errors: yes
|
|
|
|
#+end_src
|