Post-Tyranny-Tech-Infrastru.../ansible/roles/common/tasks/updates.yml

---
# Automatic security updates configuration

- name: Install unattended-upgrades
  apt:
    name:
      - unattended-upgrades
      - apt-listchanges
    state: present

- name: Configure unattended-upgrades
  template:
    src: 50unattended-upgrades.j2
    dest: /etc/apt/apt.conf.d/50unattended-upgrades
    mode: '0644'
  notify: Restart unattended-upgrades

- name: Enable automatic updates
  template:
    src: 20auto-upgrades.j2
    dest: /etc/apt/apt.conf.d/20auto-upgrades
    mode: '0644'
  notify: Restart unattended-upgrades