Add support for Debian 11 (also fixes security issue) (#87)

jnv · Oct 20, 2021 · 7ed7c8c · 7ed7c8c
1 parent d3eeca8
commit 7ed7c8c
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 0 deletions.
diff --git a/meta/main.yml b/meta/main.yml
@@ -16,6 +16,8 @@ galaxy_info:
     versions:
      - wheezy
      - jessie
+     - buster
+     - bullseye
   #
   # Below are all categories currently available. Just as with
   # the platforms above, uncomment those that apply to your role.

diff --git a/tasks/unattended-upgrades.yml b/tasks/unattended-upgrades.yml
@@ -6,6 +6,10 @@
   include_vars: "{{ ansible_distribution }}-{{ ansible_distribution_release }}.yml"
   when: (ansible_distribution == "Debian") and (ansible_distribution_release == "wheezy")
 
+- name: add Debian Bullseye workaround
+  include_vars: "{{ ansible_distribution }}-{{ ansible_distribution_release }}.yml"
+  when: (ansible_distribution == "Debian") and (ansible_distribution_release == "bullseye")
+
 - name: install powermgmt-base
   apt:
     pkg:

diff --git a/vars/Debian-bullseye.yml b/vars/Debian-bullseye.yml
@@ -0,0 +1,9 @@
+---
+# From https://metadata.ftp-master.debian.org/changelogs//main/u/unattended-upgrades/unattended-upgrades_2.8_changelog
+#  Allow both ${distro_codename} or ${distro_codename}-security on Debian
+#  as security update codenames. The latter will be used starting with
+#  Bullseye, but to help backporting and testing the configuration file keeps
+#  working on Buster and older releases. (Closes: #933138)
+__unattended_origins_patterns:
+  - 'origin=Debian,codename=${distro_codename},label=Debian-Security'
+  - 'origin=Debian,codename=${distro_codename}-security,label=Debian-Security'