diff --git a/synology_upgrade_ssh.yml b/synology_upgrade_ssh.yml index bbb82f6..239f1ee 100644 --- a/synology_upgrade_ssh.yml +++ b/synology_upgrade_ssh.yml @@ -1,215 +1,38 @@ --- -- name: Synology DSM - télécharger puis installer mise à jour via SSH (robuste Semaphore) +- name: Synology DSM - Vérifier et préparer mise à jour (mode supporté) hosts: synology gather_facts: false - vars: - download_timeout: 7200 # 2h max pour download - reboot_timeout: 2400 # 40 min max reboot/upgrade - poll_delay: 30 # intervalle de polling - - synoupgrade_candidates: - - "/usr/syno/sbin/synoupgrade" - - "/usr/syno/bin/synoupgrade" - - "/usr/syno/sbin/synoupgrade2" - - "/usr/syno/bin/synoupgrade2" - - "/usr/sbin/synoupgrade" - - "/usr/bin/synoupgrade" - - "/usr/sbin/synoupgrade2" - - "/usr/bin/synoupgrade2" - - start_subcommands: - - "--start" - - "--upgrade" - - "--apply" - - "--run" - - "--install" - tasks: - - name: Détecter synoupgrade (sans [ ]) + - name: Afficher version DSM actuelle ansible.builtin.shell: | - set -eu - FOUND="" - for p in {{ synoupgrade_candidates | join(' ') }}; do - if test -x "$p"; then - FOUND="$p" - break - fi - done - - if test -z "$FOUND"; then - if command -v synoupgrade >/dev/null 2>&1; then - FOUND="$(command -v synoupgrade)" - elif command -v synoupgrade2 >/dev/null 2>&1; then - FOUND="$(command -v synoupgrade2)" - fi - fi - - echo "$FOUND" - args: - executable: /bin/sh - register: detect + cat /etc/VERSION + register: dsm_version changed_when: false - - name: Enregistrer le binaire synoupgrade - ansible.builtin.set_fact: - synoupgrade_bin: "{{ detect.stdout | trim }}" - changed_when: false - - - name: Fail si synoupgrade introuvable - ansible.builtin.fail: - msg: "synoupgrade introuvable. stdout='{{ detect.stdout }}' stderr='{{ detect.stderr }}'" - when: synoupgrade_bin == "" - - - name: Afficher le binaire retenu + - name: Afficher version ansible.builtin.debug: - msg: "synoupgrade utilisé: {{ synoupgrade_bin }}" + var: dsm_version.stdout_lines - # 1) Check update - - name: Check mise à jour disponible + - name: Vérifier état update via service DSM (heuristique) ansible.builtin.shell: | - set -eu - {{ synoupgrade_bin }} --check || true - args: - executable: /bin/sh - register: check_out - changed_when: false - - - name: Afficher stdout/stderr du check - ansible.builtin.debug: - msg: - - "CHECK STDOUT: {{ check_out.stdout | default('') }}" - - "CHECK STDERR: {{ check_out.stderr | default('') }}" - - # Heuristique: stop uniquement si on voit clairement "up to date" - - name: Stop si aucune mise à jour détectée (heuristique) - ansible.builtin.meta: end_play - when: > - (check_out.stdout | lower) is search('up to date') - or (check_out.stdout | lower) is search('no update') - or (check_out.stdout | lower) is search('already') - or (check_out.stdout | lower) is search('no newer') - - # 2) Download - - name: Lancer le téléchargement - ansible.builtin.shell: | - set -eu - {{ synoupgrade_bin }} --download - args: - executable: /bin/sh - register: download_start - changed_when: true - - - name: Afficher stdout/stderr du download start - ansible.builtin.debug: - msg: - - "DL START STDOUT: {{ download_start.stdout | default('') }}" - - "DL START STDERR: {{ download_start.stderr | default('') }}" - - # 3) Poll download until "ready" - - name: Attendre fin du téléchargement (status ou logs) - ansible.builtin.shell: | - set -eu - if {{ synoupgrade_bin }} --status >/dev/null 2>&1; then - {{ synoupgrade_bin }} --status || true + if [ -f /var/log/synoupdate.log ]; then + tail -n 50 /var/log/synoupdate.log else - (tail -n 120 /var/log/synoupgrade.log 2>/dev/null || true) + echo "Aucun log synoupdate trouvé" fi - args: - executable: /bin/sh - register: dl_poll - changed_when: false - until: > - (dl_poll.stdout | lower) is search('downloaded') - or (dl_poll.stdout | lower) is search('ready') - or (dl_poll.stdout | lower) is search('complete') - or (dl_poll.stdout | lower) is search('completed') - or (dl_poll.stdout | lower) is search('finish') - or (dl_poll.stdout | lower) is search('done') - retries: "{{ (download_timeout // poll_delay) | int }}" - delay: "{{ poll_delay }}" - - - name: Afficher statut fin téléchargement - ansible.builtin.debug: - msg: "{{ dl_poll.stdout_lines | default([]) }}" - - # 4) Start install (best effort) - - name: Tenter de démarrer l'installation (plusieurs méthodes) - ansible.builtin.shell: | - set -eu - {{ synoupgrade_bin }} {{ item }} || true - args: - executable: /bin/sh - loop: "{{ start_subcommands }}" - register: start_attempts - changed_when: true - failed_when: false - - - name: Afficher résultats des tentatives start - ansible.builtin.debug: - msg: > - {{ start_attempts.results - | map(attribute='item') - | zip(start_attempts.results | map(attribute='stdout')) - | list }} - - - name: Choisir la première tentative qui ne contient pas "invalid/unknown/usage/error" - ansible.builtin.set_fact: - start_ok: >- - {{ - (start_attempts.results - | rejectattr('stdout', 'search', '(?i)(invalid|unknown|usage|error|failed)') - | rejectattr('stderr', 'search', '(?i)(invalid|unknown|usage|error|failed)') - | list - | first) | default({}) - }} + register: update_log changed_when: false - - name: Fail si aucune tentative start ne marche - ansible.builtin.fail: - msg: > - Impossible de démarrer l'installation. - Détails stdout/stderr: - {{ start_attempts.results | to_nice_json }} - when: start_ok | length == 0 - - - name: Afficher la commande start retenue + - name: Résumé état mise à jour ansible.builtin.debug: msg: - - "Start retenu: {{ start_ok.item }}" - - "stdout: {{ start_ok.stdout | default('') }}" - - "stderr: {{ start_ok.stderr | default('') }}" - - # 5) Attendre reboot (SSH down/up) - - name: Attendre que SSH tombe (reboot probable) - ansible.builtin.wait_for: - host: "{{ inventory_hostname }}" - port: 22 - state: drained - timeout: 600 - delegate_to: localhost - - - name: Attendre le retour SSH - ansible.builtin.wait_for: - host: "{{ inventory_hostname }}" - port: 22 - state: started - timeout: "{{ reboot_timeout }}" - delegate_to: localhost - - # 6) Post-check - - name: Post-check version DSM - ansible.builtin.shell: | - set -eu - echo "=== /etc/VERSION ===" - cat /etc/VERSION 2>/dev/null || true - echo "=== synoupgrade --status ===" - {{ synoupgrade_bin }} --status 2>/dev/null || true - args: - executable: /bin/sh - register: post - changed_when: false - - - name: Afficher post-check - ansible.builtin.debug: - var: post.stdout_lines + - "=== ÉTAT DSM ===" + - "Si une mise à jour est disponible :" + - "👉 Aller dans DSM > Panneau de configuration > Mise à jour DSM" + - "👉 Accepter l’EULA si demandé" + - "👉 Cliquer Installer (ou planifier)" + - "" + - "Ce comportement est NORMAL sur DSM 7 (API/SSH limités)" + - "Logs récents :" + - "{{ update_log.stdout_lines | default([]) }}"