--- - name: Update apt cache ansible.builtin.apt: update_cache: true when: ansible_os_family == "Debian" - name: Check for available system updates ansible.builtin.shell: | apt list --upgradable 2>/dev/null | grep -v "Listing..." | wc -l register: available_updates_count changed_when: false when: ansible_os_family == "Debian" - name: Display available updates count ansible.builtin.debug: msg: "{{ available_updates_count.stdout }} system updates available" when: available_updates_count is defined - name: Apply system updates if auto-update enabled ansible.builtin.apt: upgrade: dist autoremove: true autoclean: true when: - system_update_auto | bool - ansible_os_family == "Debian" - available_updates_count.stdout | int > 0 register: system_update_result - name: Check if reboot is required ansible.builtin.stat: path: /var/run/reboot-required register: reboot_required_file when: system_reboot_required_check | bool - name: Warn about required reboot ansible.builtin.debug: msg: "ATTENTION: System reboot is required to complete updates" when: - reboot_required_file is defined - reboot_required_file.stat.exists