Actualiser synology_upgrade_ssh.yml
This commit is contained in:
parent
e13d89b123
commit
f5be115a07
|
|
@ -1,215 +1,38 @@
|
|||
---
|
||||
- name: Synology DSM - télécharger puis installer mise à jour via SSH (robuste Semaphore)
|
||||
- name: Synology DSM - Vérifier et préparer mise à jour (mode supporté)
|
||||
hosts: synology
|
||||
gather_facts: false
|
||||
|
||||
vars:
|
||||
download_timeout: 7200 # 2h max pour download
|
||||
reboot_timeout: 2400 # 40 min max reboot/upgrade
|
||||
poll_delay: 30 # intervalle de polling
|
||||
|
||||
synoupgrade_candidates:
|
||||
- "/usr/syno/sbin/synoupgrade"
|
||||
- "/usr/syno/bin/synoupgrade"
|
||||
- "/usr/syno/sbin/synoupgrade2"
|
||||
- "/usr/syno/bin/synoupgrade2"
|
||||
- "/usr/sbin/synoupgrade"
|
||||
- "/usr/bin/synoupgrade"
|
||||
- "/usr/sbin/synoupgrade2"
|
||||
- "/usr/bin/synoupgrade2"
|
||||
|
||||
start_subcommands:
|
||||
- "--start"
|
||||
- "--upgrade"
|
||||
- "--apply"
|
||||
- "--run"
|
||||
- "--install"
|
||||
|
||||
tasks:
|
||||
- name: Détecter synoupgrade (sans [ ])
|
||||
- name: Afficher version DSM actuelle
|
||||
ansible.builtin.shell: |
|
||||
set -eu
|
||||
FOUND=""
|
||||
for p in {{ synoupgrade_candidates | join(' ') }}; do
|
||||
if test -x "$p"; then
|
||||
FOUND="$p"
|
||||
break
|
||||
fi
|
||||
done
|
||||
|
||||
if test -z "$FOUND"; then
|
||||
if command -v synoupgrade >/dev/null 2>&1; then
|
||||
FOUND="$(command -v synoupgrade)"
|
||||
elif command -v synoupgrade2 >/dev/null 2>&1; then
|
||||
FOUND="$(command -v synoupgrade2)"
|
||||
fi
|
||||
fi
|
||||
|
||||
echo "$FOUND"
|
||||
args:
|
||||
executable: /bin/sh
|
||||
register: detect
|
||||
cat /etc/VERSION
|
||||
register: dsm_version
|
||||
changed_when: false
|
||||
|
||||
- name: Enregistrer le binaire synoupgrade
|
||||
ansible.builtin.set_fact:
|
||||
synoupgrade_bin: "{{ detect.stdout | trim }}"
|
||||
changed_when: false
|
||||
|
||||
- name: Fail si synoupgrade introuvable
|
||||
ansible.builtin.fail:
|
||||
msg: "synoupgrade introuvable. stdout='{{ detect.stdout }}' stderr='{{ detect.stderr }}'"
|
||||
when: synoupgrade_bin == ""
|
||||
|
||||
- name: Afficher le binaire retenu
|
||||
- name: Afficher version
|
||||
ansible.builtin.debug:
|
||||
msg: "synoupgrade utilisé: {{ synoupgrade_bin }}"
|
||||
var: dsm_version.stdout_lines
|
||||
|
||||
# 1) Check update
|
||||
- name: Check mise à jour disponible
|
||||
- name: Vérifier état update via service DSM (heuristique)
|
||||
ansible.builtin.shell: |
|
||||
set -eu
|
||||
{{ synoupgrade_bin }} --check || true
|
||||
args:
|
||||
executable: /bin/sh
|
||||
register: check_out
|
||||
changed_when: false
|
||||
|
||||
- name: Afficher stdout/stderr du check
|
||||
ansible.builtin.debug:
|
||||
msg:
|
||||
- "CHECK STDOUT: {{ check_out.stdout | default('') }}"
|
||||
- "CHECK STDERR: {{ check_out.stderr | default('') }}"
|
||||
|
||||
# Heuristique: stop uniquement si on voit clairement "up to date"
|
||||
- name: Stop si aucune mise à jour détectée (heuristique)
|
||||
ansible.builtin.meta: end_play
|
||||
when: >
|
||||
(check_out.stdout | lower) is search('up to date')
|
||||
or (check_out.stdout | lower) is search('no update')
|
||||
or (check_out.stdout | lower) is search('already')
|
||||
or (check_out.stdout | lower) is search('no newer')
|
||||
|
||||
# 2) Download
|
||||
- name: Lancer le téléchargement
|
||||
ansible.builtin.shell: |
|
||||
set -eu
|
||||
{{ synoupgrade_bin }} --download
|
||||
args:
|
||||
executable: /bin/sh
|
||||
register: download_start
|
||||
changed_when: true
|
||||
|
||||
- name: Afficher stdout/stderr du download start
|
||||
ansible.builtin.debug:
|
||||
msg:
|
||||
- "DL START STDOUT: {{ download_start.stdout | default('') }}"
|
||||
- "DL START STDERR: {{ download_start.stderr | default('') }}"
|
||||
|
||||
# 3) Poll download until "ready"
|
||||
- name: Attendre fin du téléchargement (status ou logs)
|
||||
ansible.builtin.shell: |
|
||||
set -eu
|
||||
if {{ synoupgrade_bin }} --status >/dev/null 2>&1; then
|
||||
{{ synoupgrade_bin }} --status || true
|
||||
if [ -f /var/log/synoupdate.log ]; then
|
||||
tail -n 50 /var/log/synoupdate.log
|
||||
else
|
||||
(tail -n 120 /var/log/synoupgrade.log 2>/dev/null || true)
|
||||
echo "Aucun log synoupdate trouvé"
|
||||
fi
|
||||
args:
|
||||
executable: /bin/sh
|
||||
register: dl_poll
|
||||
changed_when: false
|
||||
until: >
|
||||
(dl_poll.stdout | lower) is search('downloaded')
|
||||
or (dl_poll.stdout | lower) is search('ready')
|
||||
or (dl_poll.stdout | lower) is search('complete')
|
||||
or (dl_poll.stdout | lower) is search('completed')
|
||||
or (dl_poll.stdout | lower) is search('finish')
|
||||
or (dl_poll.stdout | lower) is search('done')
|
||||
retries: "{{ (download_timeout // poll_delay) | int }}"
|
||||
delay: "{{ poll_delay }}"
|
||||
|
||||
- name: Afficher statut fin téléchargement
|
||||
ansible.builtin.debug:
|
||||
msg: "{{ dl_poll.stdout_lines | default([]) }}"
|
||||
|
||||
# 4) Start install (best effort)
|
||||
- name: Tenter de démarrer l'installation (plusieurs méthodes)
|
||||
ansible.builtin.shell: |
|
||||
set -eu
|
||||
{{ synoupgrade_bin }} {{ item }} || true
|
||||
args:
|
||||
executable: /bin/sh
|
||||
loop: "{{ start_subcommands }}"
|
||||
register: start_attempts
|
||||
changed_when: true
|
||||
failed_when: false
|
||||
|
||||
- name: Afficher résultats des tentatives start
|
||||
ansible.builtin.debug:
|
||||
msg: >
|
||||
{{ start_attempts.results
|
||||
| map(attribute='item')
|
||||
| zip(start_attempts.results | map(attribute='stdout'))
|
||||
| list }}
|
||||
|
||||
- name: Choisir la première tentative qui ne contient pas "invalid/unknown/usage/error"
|
||||
ansible.builtin.set_fact:
|
||||
start_ok: >-
|
||||
{{
|
||||
(start_attempts.results
|
||||
| rejectattr('stdout', 'search', '(?i)(invalid|unknown|usage|error|failed)')
|
||||
| rejectattr('stderr', 'search', '(?i)(invalid|unknown|usage|error|failed)')
|
||||
| list
|
||||
| first) | default({})
|
||||
}}
|
||||
register: update_log
|
||||
changed_when: false
|
||||
|
||||
- name: Fail si aucune tentative start ne marche
|
||||
ansible.builtin.fail:
|
||||
msg: >
|
||||
Impossible de démarrer l'installation.
|
||||
Détails stdout/stderr:
|
||||
{{ start_attempts.results | to_nice_json }}
|
||||
when: start_ok | length == 0
|
||||
|
||||
- name: Afficher la commande start retenue
|
||||
- name: Résumé état mise à jour
|
||||
ansible.builtin.debug:
|
||||
msg:
|
||||
- "Start retenu: {{ start_ok.item }}"
|
||||
- "stdout: {{ start_ok.stdout | default('') }}"
|
||||
- "stderr: {{ start_ok.stderr | default('') }}"
|
||||
|
||||
# 5) Attendre reboot (SSH down/up)
|
||||
- name: Attendre que SSH tombe (reboot probable)
|
||||
ansible.builtin.wait_for:
|
||||
host: "{{ inventory_hostname }}"
|
||||
port: 22
|
||||
state: drained
|
||||
timeout: 600
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Attendre le retour SSH
|
||||
ansible.builtin.wait_for:
|
||||
host: "{{ inventory_hostname }}"
|
||||
port: 22
|
||||
state: started
|
||||
timeout: "{{ reboot_timeout }}"
|
||||
delegate_to: localhost
|
||||
|
||||
# 6) Post-check
|
||||
- name: Post-check version DSM
|
||||
ansible.builtin.shell: |
|
||||
set -eu
|
||||
echo "=== /etc/VERSION ==="
|
||||
cat /etc/VERSION 2>/dev/null || true
|
||||
echo "=== synoupgrade --status ==="
|
||||
{{ synoupgrade_bin }} --status 2>/dev/null || true
|
||||
args:
|
||||
executable: /bin/sh
|
||||
register: post
|
||||
changed_when: false
|
||||
|
||||
- name: Afficher post-check
|
||||
ansible.builtin.debug:
|
||||
var: post.stdout_lines
|
||||
- "=== ÉTAT DSM ==="
|
||||
- "Si une mise à jour est disponible :"
|
||||
- "👉 Aller dans DSM > Panneau de configuration > Mise à jour DSM"
|
||||
- "👉 Accepter l’EULA si demandé"
|
||||
- "👉 Cliquer Installer (ou planifier)"
|
||||
- ""
|
||||
- "Ce comportement est NORMAL sur DSM 7 (API/SSH limités)"
|
||||
- "Logs récents :"
|
||||
- "{{ update_log.stdout_lines | default([]) }}"
|
||||
|
|
|
|||
Loading…
Reference in New Issue