From 63cabdb46333b0f816f5a8e85b487a1caad6f04c Mon Sep 17 00:00:00 2001
From: Ark74 <ark@switnet.org>
Date: Tue, 20 Jan 2026 15:59:33 -0600
Subject: [PATCH] initial structure

---
 ansible.cfg                          |  9 +++++
 inventory/group_vars/all.yml         | 12 +++++++
 inventory/hosts.ini                  |  4 +++
 playbooks/sbuild_apt_maintenance.yml | 53 ++++++++++++++++++++++++++++
 4 files changed, 78 insertions(+)
 create mode 100644 ansible.cfg
 create mode 100644 inventory/group_vars/all.yml
 create mode 100644 inventory/hosts.ini
 create mode 100644 playbooks/sbuild_apt_maintenance.yml

diff --git a/ansible.cfg b/ansible.cfg
new file mode 100644
index 0000000..319d584
--- /dev/null
+++ b/ansible.cfg
@@ -0,0 +1,9 @@
+[defaults]
+inventory = inventory/hosts.ini
+host_key_checking = False
+stdout_callback = yaml
+bin_ansible_callbacks = True
+
+[privilege_escalation]
+become = True
+become_method = sudo
diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml
new file mode 100644
index 0000000..a8fffe3
--- /dev/null
+++ b/inventory/group_vars/all.yml
@@ -0,0 +1,12 @@
+# Global defaults for this maintenance run.
+
+sbuild_targets_ecne:
+  - ecne-arm64
+  - ecne-armhf
+
+sbuild_targets_aramo:
+  - aramo-arm64
+  - aramo-armhf
+
+# Equivalent to: sleep 20
+sleep_after_sbuild_seconds: 20
diff --git a/inventory/hosts.ini b/inventory/hosts.ini
new file mode 100644
index 0000000..c8b40fe
--- /dev/null
+++ b/inventory/hosts.ini
@@ -0,0 +1,4 @@
+[builders]
+host1:IP1		ansible_user=userA
+host2:IP2		ansible_user=userB
+
diff --git a/playbooks/sbuild_apt_maintenance.yml b/playbooks/sbuild_apt_maintenance.yml
new file mode 100644
index 0000000..794366a
--- /dev/null
+++ b/playbooks/sbuild_apt_maintenance.yml
@@ -0,0 +1,53 @@
+---
+- name: sbuild-update + apt dist-upgrade maintenance
+  hosts: builders
+  become: true
+  gather_facts: false
+
+  environment:
+    DEBIAN_FRONTEND: noninteractive
+
+  tasks:
+#    - name: DEBUG - confirm group_vars loaded
+#      ansible.builtin.debug:
+#        msg:
+#          - "sbuild_targets={{ sbuild_targets | default('MISSING') }}"
+#         - "sleep_after_sbuild_seconds={{ sleep_after_sbuild_seconds | default('MISSING') }}"
+
+    - name: Ensure sbuild-update exists
+      ansible.builtin.command: bash -lc 'command -v sbuild-update'
+      register: sbuild_update_path
+      changed_when: false
+
+    - name: Run sbuild-update (ecne stage)
+      ansible.builtin.command: "sbuild-update -udcar {{ item }}"
+      loop: "{{ sbuild_targets_ecne }}"
+      loop_control:
+        label: "{{ inventory_hostname }} -> {{ item }}"
+
+    - name: Run sbuild-update (aramo stage)
+      ansible.builtin.command: "sbuild-update -udcar {{ item }}"
+      loop: "{{ sbuild_targets_aramo }}"
+      loop_control:
+        label: "{{ inventory_hostname }} -> {{ item }}"
+
+    - name: Pause after sbuild updates
+      ansible.builtin.pause:
+        seconds: "{{ sleep_after_sbuild_seconds }}"
+
+    - name: apt update (update cache)
+      ansible.builtin.apt:
+        update_cache: true
+        cache_valid_time: 0
+
+    - name: apt dist-upgrade
+      ansible.builtin.apt:
+        upgrade: dist
+
+    - name: apt autoremove
+      ansible.builtin.apt:
+        autoremove: true
+
+    - name: apt autoclean
+      ansible.builtin.apt:
+        autoclean: true