ansible-playbooks/update.yml at master · DouglasNeuroInformatics/ansible-playbooks · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
---
- hosts:
  - workstations
  - computenodes
  vars_files:
    - vars/kernel-nvidia.yml
  become: yes
  tasks:
    - name: update-pciids
      command: update-pciids

    - name: update-smart-drive-db
      command: update-smart-drivedb

    # - name: For overriding user check
    #   ansible.builtin.shell: |
    #     echo 0
    #   register: logged_in_users_count
    #   changed_when: false  # This task never changes system state

    - name: Get logged-in users (excluding Ansible executor) count
      ansible.builtin.shell: |
        who | awk '{print $1}' | grep -v localadmin | sort -u | wc -l
      register: logged_in_users_count
      changed_when: false  # This task never changes system state

#     - name: get cpu flags
#       command: >
#         awk -F: '/^flags/ {print $2; exit}' /proc/cpuinfo
#       register: cpu_flags_cmd
#       changed_when: false  # This task never changes system state
#
#     - name: set cpu flags fact
#       set_fact:
#         cpu_flags: "{{ cpu_flags_cmd.stdout.split() }}"
#
#     - name: Determine highest supported x64 version
#       set_fact:
#         x64_version: >-
#           {%- if list_v4 is subset(cpu_flags) -%}v3
#           {%- elif list_v1 is subset(cpu_flags) and list_v2 is subset(cpu_flags) and list_v3 is subset(cpu_flags) -%}v3
#           {%- elif list_v1 is subset(cpu_flags) and list_v2 is subset(cpu_flags) -%}v2
#           {%- elif list_v1 is subset(cpu_flags) -%}v1{% endif %}

    - name: update apt-get cache
      apt: update_cache=yes

    - name: Unhold packages
      command: >
        apt-mark unhold '*nvidia*' 'linux*'
      when:
        - not (logged_in_users_count.stdout | int > 0)

    - name: Remove nvidia and kernel
      command: >
        apt-get --autoremove -y purge '*xanmod*' '*nvidia*'
      when:
        - not (logged_in_users_count.stdout | int > 0)

    # - name: Install kernel dependencies
    #   ansible.builtin.apt:
    #     state: present
    #     allow_change_held_packages: true
    #     pkg:
    #       - clang
    #       - lld
    #       - llvm
    #       - libdw-dev

    # - name: Install or upgrade kernels
    #   ansible.builtin.apt:
    #     state: latest
    #     allow_change_held_packages: true
    #     pkg:
    #       - "linux-xanmod-x64{{ x64_version }}"
    #       - "linux-xanmod-lts-x64{{ x64_version }}"
    #   register: kernel_installed
    #   when:
    #     - not (logged_in_users_count.stdout | int > 0)

    - name: Install or upgrade kernels
      ansible.builtin.apt:
        state: latest
        allow_change_held_packages: true
        pkg:
          - linux-zabbly
      register: kernel_installed
      when:
        - not (logged_in_users_count.stdout | int > 0)

    - name: Check if nvidia-driver is needed
      ansible.builtin.shell: |
        ubuntu-drivers list | cut -d, -f1 | grep -v server | sort -V | tail -1 | grep nvidia-driver
      ignore_errors: true
      register: nvidia_driver_needed
      changed_when: false  # This task never changes system state

    - name: Install or upgrade nvidia driver
      ansible.builtin.apt:
        name:  "{{ nvidia_driver_needed.stdout }}"
        state: latest
        allow_change_held_packages: true
      register: nvidia_installed
      when:
        - nvidia_driver_needed.rc == 0
        - not (logged_in_users_count.stdout | int > 0)

    - name: Rebuild all dkms packages
      ansible.builtin.shell: |
        ls /boot/initrd.img-* | cut -d- -f2- | xargs -n1 /usr/lib/dkms/dkms_autoinstaller start
      when:
        - nvidia_driver_needed.rc == 0
        - (nvidia_installed.changed | default(false)) or (kernel_installed.changed | default(false))

    - name: Hold kernel and nvidia
      command: >
        apt-mark hold '*nvidia*' 'linux*'

    - name: setuid bit on /sbin/unix_chkpwd
      ansible.builtin.file:
        path: /sbin/unix_chkpwd
        mode: 'u+s'
        state: file

    - name: safe-upgrade
      apt: upgrade=safe cache_valid_time=3600 autoclean=yes autoremove=yes

    - name: full-upgrade
      apt: upgrade=full cache_valid_time=3600 autoclean=yes autoremove=yes

    - name: purge old configs
      ansible.builtin.shell: |
        dpkg -l | grep '^rc' | awk '{print $2}' | xargs --no-run-if-empty dpkg --purge
      ignore_errors: yes

    - name: Reboot if changes
      reboot:
        reboot_timeout: 300
      when:
        - not (logged_in_users_count.stdout | int > 0)
        #- (nvidia_installed.changed | default(false)) or (kernel_installed.changed | default(false))