ansible-pull/roles/base/tasks/system_setup/cron.yml

- name: system setup | cron | install cron package
  tags: packages,cron
  package:
    name:
      - "{{ cron_package }}"
    state: latest

- name: system setup | cron | start and enable cronie daemon
  tags: cron
  service:
    name: cronie
    state: started
    enabled: true
  when: ansible_distribution == "Archlinux"

- name: add cronjob for ansible
  become: true
  become_user: root
  cron:
    name: "ansible provision"
    user: "{{ ansible_user_id }}"
    job: 'ansible-pull --vault-password-file=~/.vaultpass -U "https://gitea.mewissen.site/rene/ansible-pull.git" -d "/opt/ansible-pull" -C master'
    state: present
    minute: 0
    hour: 1

- name: correct crontab for reboot | remove
  become: true
  become_user: root
  cron:
    name: "generate SSH key on reboot, if missing"
    job: '[[ -f /etc/ssh/ssh_host_* ]] | ssh-keygen -A'
    state: absent

- name: correct crontab for reboot | remove
  become: true
  become_user: root
  cron:
    name: "generate SSH key on reboot, if missing"
    job: '[[ -f /etc/ssh/ssh_host_* ]] || ssh-keygen -A'
    state: absent

- name: correct crontab for reboot | add
  become: true
  become_user: root
  cron:
    name: "generate SSH key on reboot, if missing"
    job: "[[ -f /etc/ssh/ssh_host_* ]] || ssh-keygen -A && systemctl restart {{ ssh_service }}"
    state: present
    special_time: reboot

# - name: system setup | cron | schedule automatic ansible provisioning
#   tags: cron
#   cron:
#     name: "ansible provision"
#     user: ansible
#     hour: "{{ ansible_cron_hour | default('*') }}"
#     minute: "{{ ansible_cron_minute | default('*/30') }}"
#     job: "/usr/local/bin/provision > /dev/null"

# - name: system setup | cron | schedule ansible cleanup at boot
#   tags: cron
#   cron:
#     name: "ansible refresh at boot"
#     user: ansible
#     special_time: reboot
#     job: "/bin/rm -rf /home/ansible/.ansible"

- name: system setup | cron | Send me a list of upgradeable packages daily (Debian, Ubuntu)
  tags: cron
  cron:
    name: "Send me a list of upgradeable packages"
    user: root
    hour: "0"
    minute: "0"
    job: "apt list --upgradeable"
  when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]

- name: system setup | cron | Send me a list of upgradeable packages daily (Archlinux)
  tags: cron
  cron:
    name: "Send me a list of upgradeable packages"
    user: root
    hour: "0"
    minute: "0"
    job: "{{ root_home }} + '/bin/cron_pacman'"
  when: ansible_distribution in ["Archlinux"]