---
- name: Update all servers (FreeBSD, Rocky9, Debian)
  hosts: all
  become: yes
  gather_facts: yes

  tasks:

    ##################################################
    # Debian / Ubuntu
    ##################################################
    - name: Update package cache (Debian/Ubuntu)
      apt:
        update_cache: yes
      when: ansible_facts['os_family'] == "Debian"

    - name: Upgrade all packages (Debian/Ubuntu)
      apt:
        upgrade: dist
      register: debian_update
      when: ansible_facts['os_family'] == "Debian"

    - name: Reboot Debian only if packages changed
      reboot:
      when:
        - ansible_facts['os_family'] == "Debian"
        - debian_update is defined
        - debian_update.changed

    ##################################################
    # Rocky 9 / RHEL family (uses DNF)
    ##################################################
    - name: Upgrade all packages (RHEL/Rocky)
      dnf:
        name: "*"
        state: latest
      register: rhel_updates
      when: ansible_facts['os_family'] == "RedHat"

    - name: Reboot RHEL only if packages changed
      reboot:
      when:
        - ansible_facts['os_family'] == "RedHat"
        - rhel_update is defined
        - rhel_update.changed

    ##################################################
    # FreeBSD
    ##################################################
    - name: Upgrade all packages and refresh repo cache (FreeBSD)
      community.general.pkgng:
        name: "*"
        state: latest
      register: freebsd_update
      when: ansible_facts['os_family'] == "FreeBSD"

    - name: Reboot FreeBSD only if packages changed
      reboot:
      when:
        - ansible_facts['os_family'] == "FreeBSD"
        - freebsd_update is defined
        - freebsd_update.changed