81 lines
2.1 KiB
YAML
81 lines
2.1 KiB
YAML
id: linux-apt-upgrade
|
|
namespace: homelab.docker
|
|
|
|
inputs:
|
|
- id: host
|
|
type: STRING
|
|
displayName: "Server IP oder Hostname"
|
|
description: "Zielserver, z.B. 91.99.167.128"
|
|
|
|
- id: user
|
|
type: STRING
|
|
displayName: "SSH Benutzer"
|
|
description: "SSH-Benutzer auf dem Zielserver"
|
|
defaults: meinuser
|
|
|
|
- id: sudo_password
|
|
type: SECRET
|
|
displayName: "Sudo Passwort"
|
|
description: "Sudo-Passwort für den Benutzer meinuser"
|
|
|
|
tasks:
|
|
- id: apt-upgrade
|
|
type: io.kestra.plugin.scripts.shell.Commands
|
|
containerImage: alpine:latest
|
|
|
|
env:
|
|
SSH_PRIVATE_KEY: "{{ secret('SSH_PRIVATE_KEY') }}"
|
|
SUDO_PASSWORD: "{{ inputs.sudo_password }}"
|
|
|
|
beforeCommands:
|
|
- apk add --no-cache openssh-client bash
|
|
|
|
commands:
|
|
- |
|
|
set -eo pipefail
|
|
|
|
mkdir -p ~/.ssh
|
|
chmod 700 ~/.ssh
|
|
|
|
printf '%s\n' "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
|
|
chmod 600 ~/.ssh/id_rsa
|
|
|
|
printf '%s\n' "$SUDO_PASSWORD" | ssh \
|
|
-i ~/.ssh/id_rsa \
|
|
-o StrictHostKeyChecking=no \
|
|
-o UserKnownHostsFile=/dev/null \
|
|
"{{ inputs.user }}@{{ inputs.host }}" \
|
|
'bash -lc '"'"'
|
|
set -euo pipefail
|
|
|
|
export DEBIAN_FRONTEND=noninteractive
|
|
|
|
echo "Angemeldet als: $(whoami)"
|
|
|
|
if [ "$(id -u)" -eq 0 ]; then
|
|
echo "Benutzer ist root. Führe apt direkt aus."
|
|
apt-get update
|
|
apt-get -y upgrade
|
|
else
|
|
echo "Benutzer ist nicht root. Prüfe sudo."
|
|
|
|
sudo -S -p "" -v
|
|
|
|
echo "Sudo erfolgreich. Führe apt mit sudo aus."
|
|
sudo apt-get update
|
|
sudo DEBIAN_FRONTEND=noninteractive apt-get -y upgrade
|
|
fi
|
|
|
|
if [ -f /var/run/reboot-required ]; then
|
|
echo "REBOOT_REQUIRED=yes"
|
|
else
|
|
echo "REBOOT_REQUIRED=no"
|
|
fi
|
|
'"'"''
|
|
|
|
- id: log-result
|
|
type: io.kestra.plugin.core.log.Log
|
|
message: |
|
|
✅ apt update && apt upgrade wurde auf {{ inputs.user }}@{{ inputs.host }} ausgeführt.
|
|
|