---
- name: 'Install updates through package management'
  hosts: 'all'

  handlers:
    - name: 'Reboot machine'
      ansible.builtin.reboot:

  pre_tasks:
    - name: 'Update package cache if needed'
      become: true
      ansible.builtin.apt:
        update_cache: true
        cache_valid_time: 3600

  tasks:
    - name: 'Install all available update'
      become: true
      ansible.builtin.apt:
        upgrade: 'dist'

    - name: 'Remove unneeded dependencies and leftover packages from cache'
      become: true
      ansible.builtin.apt:
        autoclean: true
        autoremove: true

    - name: 'Check if reboot is required'
      ansible.builtin.stat:
        path: '/var/run/reboot-required'
      register: 'reboot_required_file'

    - name: 'Reboot if required'
      when: 'reboot_required_file.stat.exists'
      ansible.builtin.assert:
        that:
          - true
        quiet: true
      changed_when: true
      notify: 'Reboot machine'