auto-updates: Install and configure dnf-automatic

*dnf-automatic* is an add-on for `dnf` that performs scheduled,
automatic updates.  It works pretty much how I would want it to:
triggered by a systemd timer, sends email reports upon completion, and
only reboots for kernel et al. updates.

In its default configuration, `dnf-automatic.timer` fires every day.  I
want machines to update weekly, but I want them to update on different
days (so as to avoid issues if all the machines reboot at once).  Thus,
the _dnf-automatic_ role uses a systemd unit extension to change the
schedule.  The day-of-the-week is chosen pseudo-randomly based on the
host name of the managed system.

roles/dnf-automatic/tasks/main.yml

@@ -0,0 +1,54 @@
+- name: ensure dnf-automatic is installed
+  dnf:
+    name: dnf-automatic
+    state: present
+  tags:
+  - install
+
+- name: ensure dnf-automatic is configured
+  template:
+    src: dnf-automatic.conf.j2
+    dest: /etc/dnf/automatic.conf
+    owner: root
+    group: root
+    mode: u=rw,go=r
+  tags:
+  - config
+
+- name: ensure dnf-automatic.timer systemd drop-in directory exists
+  file:
+    path: /etc/systemd/system/dnf-automatic.timer.d
+    owner: root
+    group: root
+    mode: u=rwx,go=rx
+    state: directory
+  tags:
+  - config
+- name: ensure dnf-automatic.timer schedule is set
+  template:
+    src: dnf-automatic.schedule.conf.j2
+    dest: /etc/systemd/system/dnf-automatic.timer.d/schedule.conf
+    owner: root
+    group: root
+    mode: u=rw,go=r
+  notify:
+  - reload systemd
+  - restart dnf-automatic.timer
+  tags:
+  - config
+
+- name: flush handlers
+  meta: flush_handlers
+
+- name: ensure dnf-automatic.timer unit is enabled
+  systemd:
+    name: dnf-automatic.timer
+    enabled: true
+  tags:
+  - service
+- name: ensure dnf-automatic.timer unit is started
+  systemd:
+    name: dnf-automatic.timer
+    state: started
+  tags:
+  - service