# Ticket: Managed update schedules with Ansible or similar

## Metadata
- Type: Ticket
- Status: Done - MVP deployed and trialed
- Project: Homelab Operations
- Created: 2026-06-06
- Updated: 2026-06-06
- Priority: Medium

## Goal

Create a standard update/patch management approach for managed VMs/LXCs, likely using Ansible or a similar tool.

## Why

Managed systems need consistent patching, reboot handling, verification, and rollback awareness. This is not currently implemented.

## Scope

Included:
- Install and configure Ansible or an equivalent update-management tool.
- Research Ansible or alternatives for homelab patch management
- Define update classes/schedules
- Define inventory source and host grouping
- Define pre-update backup/snapshot expectations
- Define verification and change-log requirements

Not included:
- Automatic unattended upgrades for critical systems without approval
- Full configuration management for every service in the first pass

## Acceptance Criteria

This ticket is done when:
- [x] Update management options are researched
- [x] Initial approach is selected — Ansible manual-gated MVP from Nimrod LXC.
- [x] Managed host inventory approach is defined — static MVP inventory at `ansible/inventories/homelab/hosts.yml`, future generation from registry possible.
- [x] Patch classes/schedules are documented — `experimental`, `standard`, `critical_manual`, `manual_only`; no automatic schedules yet.
- [x] A safe MVP update runbook exists — `runbooks/homelab-managed-updates.md`.
- [x] At least one non-critical host is updated using the process — `homepage-dashboard` first trial succeeded.

## Questions

- Should Ansible inventory be generated from `infra/proxmox-registry.yaml`?
- What update windows are acceptable?
- Which systems require manual approval before patching/rebooting?
- Should Proxmox host updates be handled separately from guest VM/LXC updates?

All ACs satisfied. Scheduled automation and Proxmox host updates remain follow-up work.


## Notes

- This ticket exists because scheduled update management is desired but not yet implemented.
- 2026-06-07: User explicitly requested Ansible to keep all services up to date.
- 2026-06-07: Subagent plan created at `tickets/artifacts/2026-06-06-managed-update-schedules-ansible/05-plan.md`. Ansible installed on Nimrod LXC; inventory/playbooks/runbook added; read-only preflight/check succeeded for `homepage-dashboard`; safe apt upgrade trial completed with no reboot required and Homepage remained healthy.