# SPDX-License-Identifier: MIT
- name: 'If Debian configure unattended upgrades behavior'
  loop_control:
    loop_var: 'pve_maintenance_unattended_config'
    label: 'Configure {{ pve_maintenance_unattended_config.human_readable_option }}'
  loop:
    - { insertafter: '^Unattended-Upgrade::Origins-Pattern ',             line: '        "origin=*";',                                    regexp: '^        "origin=\*";',                                  human_readable_option: 'all packages as eligible for unattended upgrades' }
    - { insertafter: '//Unattended-Upgrade::Mail ',                       line: 'Unattended-Upgrade::Mail "root@localhost";',             regexp: '^Unattended-Upgrade::Mail [^;]+;',                       human_readable_option: 'e-mail address for upgrade warnings' }
    - { insertafter: '//Unattended-Upgrade::MailReport ',                 line: 'Unattended-Upgrade::MailReport "on-change";',            regexp: '^Unattended-Upgrade::MailReport [^;]+;',                 human_readable_option: 'conditions for e-mail upgrade notices' }
    - { insertafter: '//Unattended-Upgrade::Remove-Unused-Dependencies ', line: 'Unattended-Upgrade::Remove-Unused-Dependencies "true";', regexp: '^Unattended-Upgrade::Remove-Unused-Dependencies [^;]+;', human_readable_option: 'auto-removal of unused dependencies' }
    - { insertafter: '//Unattended-Upgrade::Automatic-Reboot ',           line: 'Unattended-Upgrade::Automatic-Reboot "true";',           regexp: '^Unattended-Upgrade::Automatic-Reboot [^;]+;',           human_readable_option: 'automatic reboots' }
    - { insertafter: '//Unattended-Upgrade::Automatic-Reboot-Time ',      line: 'Unattended-Upgrade::Automatic-Reboot-Time "+1";',        regexp: '^Unattended-Upgrade::Automatic-Reboot-Time [^;]+;',      human_readable_option: 'reboots when needed, 1 minute delay' }
    - { insertafter: '//Acquire::http::Dl-Limit ',                        line: 'Acquire::http::Dl-Limit "0";',                           regexp: '^Acquire::http::Dl-Limit [^;]+;',                        human_readable_option: 'unlimited download speed' }
  ansible.builtin.lineinfile:
    path: '/etc/apt/apt.conf.d/50unattended-upgrades'
    insertafter: '{{ pve_maintenance_unattended_config.insertafter }}'
    line: '{{ pve_maintenance_unattended_config.line }}'
    regexp: '{{ pve_maintenance_unattended_config.regexp }}'

- name: 'If Debian configure automatic apt-get update runs'
  ansible.builtin.copy:
    src: 'etc/apt/apt.conf.d/20auto-upgrades'
    dest: '/etc/apt/apt.conf.d/20auto-upgrades'

- name: 'If Debian add e-mail alias for user ''root'''
  ansible.builtin.lineinfile:
    path: '/etc/aliases'
    insertafter: 'EOF'
    regexp: '^root:.*'
    line: 'root: {{ e_mail_notifications_addressee }}'
  notify:
    - 'Ensure that a Mail Transfer Agent is running with newest config'