module-apt/manifests/init.pp

# apt.pp - common components and defaults for handling apt
# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
# See LICENSE for the full license granted to you.
#
# With hints from
#  Micah Anderson <micah@riseup.net>
#  * backports key

class apt {

	# See README
	$real_apt_clean = $apt_clean ? {
		'' => 'auto',
		default => $apt_clean,
	}

	package { apt: ensure => installed }

	# a few templates need lsbdistcodename
	include assert_lsbdistcodename

	case $custom_sources_list {
		'': {
			include default_sources_list
		}
		default: {
			config_file { "/etc/apt/sources.list":
				content => $custom_sources_list,
				require => Exec[assert_lsbdistcodename];
			}
		}
	}

	class default_sources_list {
		config_file {
			# include main, security and backports
			# additional sources could be included via an array
			"/etc/apt/sources.list":
				content => template("apt/sources.list.erb"),
				require => Exec[assert_lsbdistcodename];
		}
	}

        case $custom_preferences {
          '': {
            include default_preferences
          }
          default: {
            config_file { "/etc/apt/preferences":
              content => $custom_preferences
              alias => apt_config,
              require => File["/etc/apt/sources.list"];
            }
          }
        }
        class default_preferences {
	  config_file {
	    # this just pins unstable and testing to very low values
	    "/etc/apt/preferences":
	      content => template("apt/preferences.erb"),
	      # use File[apt_config] to reference a completed configuration
	      # See "The Puppet Semaphor" 2007-06-25 on the puppet-users ML
	      alias => apt_config,
	      # only update together
	      require => File["/etc/apt/sources.list"];
	    # little default settings which keep the system sane
	    "/etc/apt/apt.conf.d/from_puppet":
	      content => "APT::Get::Show-Upgraded true;\nDSelect::Clean $real_apt_clean;\n",
	      before => File[apt_config];
	  }
        }

	$apt_base_dir = "/var/lib/puppet/modules/apt"
	modules_dir { apt: }
	# watch apt.conf.d
	file { "/etc/apt/apt.conf.d": ensure => directory, checksum => mtime; }

	exec {
		# "&& sleep 1" is workaround for older(?) clients
		"/usr/bin/apt-get update && sleep 1 #on refresh":
			refreshonly => true,
			subscribe => [ File["/etc/apt/sources.list"],
				File["/etc/apt/preferences"], File["/etc/apt/apt.conf.d"],
				File[apt_config] ];
		"/usr/bin/apt-get update && /usr/bin/apt-get autoclean #hourly":
			require => [ File["/etc/apt/sources.list"],
				File["/etc/apt/preferences"], File[apt_config] ],
			# Another Semaphor for all packages to reference
			alias => apt_updated;
	}

        ## This package should really always be current
        package { "debian-archive-keyring":
          ensure => latest,
        }
          
	case $lsbdistcodename {
		etch: {
		  package { "debian-backports-keyring":
		    ensure => latest,
		  }
                  
		  # This key was downloaded from
		  # http://backports.org/debian/archive.key
		  # and is needed to bootstrap the backports trustpath
		  file { "${apt_base_dir}/backports.org.key":
		    source => "puppet://$servername/apt/backports.org.key",
		    mode => 0444, owner => root, group => root,
		  }
		  exec { "/usr/bin/apt-key add ${apt_base_dir}/backports.org.key && apt-get update":
		    alias => "backports_key",
		    refreshonly => true,
		    subscribe => File["${apt_base_dir}/backports.org.key"],
		    before => [ File[apt_config], Package["debian-backports-keyring"] ]
		  }
		}
	}

        case $custom_key_dir {
          default: {
            file { "${apt_base_dir}/keys.d":
              source => "$custom_key_dir",
              recurse => yes,
              mode => 0755, owner => root, group => root,
            }
            exec { "for key in `ls ${apt_base_dir/keys.d/` ; do /usr/bin/apt-key add ${apt_base_dir}/$key && apt-get update":
              alias => "custom_keys",
              refreshonly => true,
              before => File[apt_config];
            }
          }
        }
}
        

class dselect {
	# suppress annoying help texts of dselect
	line { dselect_expert:
		file => "/etc/dpkg/dselect.cfg",
		line => "expert",
		ensure => present,
	}

	package { dselect: ensure => installed }
}
modularised apt git-svn-id: http://club.black.co.at:82/svn/manifests/trunk@58 f03ff2f1-f02d-0410-970d-b9634babeaa1 2007-06-25 11:50:19 +02:00			`# apt.pp - common components and defaults for handling apt`
			`# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>`
			`# See LICENSE for the full license granted to you.`
			`#`
			`# With hints from`
			`# Micah Anderson <micah@riseup.net>`
			`# * backports key`

			`class apt {`

			`# See README`
			`$real_apt_clean = $apt_clean ? {`
			`'' => 'auto',`
			`default => $apt_clean,`
			`}`

Revert "move backports in a seperate class, add the Cache-Limit hack to all configs, try to depend on lsb-release properly" This reverts commit 3ecbee6a271e986229348deca91dbf338d98d735. 2008-09-28 23:56:39 +02:00			`package { apt: ensure => installed }`
use dselect to update dpkg's available file git-svn-id: http://club.black.co.at:82/svn/manifests/trunk@102 f03ff2f1-f02d-0410-970d-b9634babeaa1 2007-07-03 12:20:19 +02:00
modularised apt git-svn-id: http://club.black.co.at:82/svn/manifests/trunk@58 f03ff2f1-f02d-0410-970d-b9634babeaa1 2007-06-25 11:50:19 +02:00			`# a few templates need lsbdistcodename`
			`include assert_lsbdistcodename`

add $custom_sources_list to override sources.list contents 2007-09-14 08:16:33 +02:00			`case $custom_sources_list {`
			`'': {`
			`include default_sources_list`
			`}`
			`default: {`
			`config_file { "/etc/apt/sources.list":`
fix missing comma syntax error 2008-09-29 18:20:43 +02:00			`content => $custom_sources_list,`
Revert "move backports in a seperate class, add the Cache-Limit hack to all configs, try to depend on lsb-release properly" This reverts commit 3ecbee6a271e986229348deca91dbf338d98d735. 2008-09-28 23:56:39 +02:00			`require => Exec[assert_lsbdistcodename];`
add $custom_sources_list to override sources.list contents 2007-09-14 08:16:33 +02:00			`}`
			`}`
			`}`

			`class default_sources_list {`
			`config_file {`
			`# include main, security and backports`
			`# additional sources could be included via an array`
			`"/etc/apt/sources.list":`
			`content => template("apt/sources.list.erb"),`
			`require => Exec[assert_lsbdistcodename];`
			`}`
			`}`

abstract the apt preferences so that custom preferences can be set, while maintaining a sane default preferences set can be set. This is done in the same manner that the custom/default sources_list are handled 2008-09-29 00:10:28 +02:00			`case $custom_preferences {`
			`'': {`
			`include default_preferences`
			`}`
			`default: {`
			`config_file { "/etc/apt/preferences":`
			`content => $custom_preferences`
			`alias => apt_config,`
			`require => File["/etc/apt/sources.list"];`
			`}`
			`}`
			`}`
			`class default_preferences {`
			`config_file {`
			`# this just pins unstable and testing to very low values`
			`"/etc/apt/preferences":`
			`content => template("apt/preferences.erb"),`
			`# use File[apt_config] to reference a completed configuration`
			`# See "The Puppet Semaphor" 2007-06-25 on the puppet-users ML`
			`alias => apt_config,`
			`# only update together`
			`require => File["/etc/apt/sources.list"];`
			`# little default settings which keep the system sane`
			`"/etc/apt/apt.conf.d/from_puppet":`
			`content => "APT::Get::Show-Upgraded true;\nDSelect::Clean $real_apt_clean;\n",`
			`before => File[apt_config];`
			`}`
			`}`
modularised apt git-svn-id: http://club.black.co.at:82/svn/manifests/trunk@58 f03ff2f1-f02d-0410-970d-b9634babeaa1 2007-06-25 11:50:19 +02:00
rename all $bas_dir variables git-svn-id: http://club.black.co.at:82/svn/manifests/trunk@123 f03ff2f1-f02d-0410-970d-b9634babeaa1 2007-07-14 11:42:37 +02:00			`$apt_base_dir = "/var/lib/puppet/modules/apt"`
Add README to apt module additionally use modules_dir and remove legacy file removal 2007-08-16 09:32:09 +02:00			`modules_dir { apt: }`
			`# watch apt.conf.d`
			`file { "/etc/apt/apt.conf.d": ensure => directory, checksum => mtime; }`
modularised apt git-svn-id: http://club.black.co.at:82/svn/manifests/trunk@58 f03ff2f1-f02d-0410-970d-b9634babeaa1 2007-06-25 11:50:19 +02:00
			`exec {`
minor workaround for 0.22.4 clients git-svn-id: http://club.black.co.at:82/svn/manifests/trunk@59 f03ff2f1-f02d-0410-970d-b9634babeaa1 2007-06-25 12:16:59 +02:00			`# "&& sleep 1" is workaround for older(?) clients`
Revert "move backports in a seperate class, add the Cache-Limit hack to all configs, try to depend on lsb-release properly" This reverts commit 3ecbee6a271e986229348deca91dbf338d98d735. 2008-09-28 23:56:39 +02:00			`"/usr/bin/apt-get update && sleep 1 #on refresh":`
modularised apt git-svn-id: http://club.black.co.at:82/svn/manifests/trunk@58 f03ff2f1-f02d-0410-970d-b9634babeaa1 2007-06-25 11:50:19 +02:00			`refreshonly => true,`
			`subscribe => [ File["/etc/apt/sources.list"],`
			`File["/etc/apt/preferences"], File["/etc/apt/apt.conf.d"],`
			`File[apt_config] ];`
use apt-get instead of dselect and create a dselect class for dselect configuration, making dselect optional 2008-01-25 22:41:26 +01:00			`"/usr/bin/apt-get update && /usr/bin/apt-get autoclean #hourly":`
modularised apt git-svn-id: http://club.black.co.at:82/svn/manifests/trunk@58 f03ff2f1-f02d-0410-970d-b9634babeaa1 2007-06-25 11:50:19 +02:00			`require => [ File["/etc/apt/sources.list"],`
			`File["/etc/apt/preferences"], File[apt_config] ],`
			`# Another Semaphor for all packages to reference`
			`alias => apt_updated;`
			`}`

move the dependency on the latest debian-archive-keyring package outside of the etch lsbdistcodename selector as this package should be the latest on every release of debian, not just etch 2008-09-29 00:17:31 +02:00			`## This package should really always be current`
			`package { "debian-archive-keyring":`
			`ensure => latest,`
			`}`

modularised apt git-svn-id: http://club.black.co.at:82/svn/manifests/trunk@58 f03ff2f1-f02d-0410-970d-b9634babeaa1 2007-06-25 11:50:19 +02:00			`case $lsbdistcodename {`
			`etch: {`
move the dependency on the latest debian-archive-keyring package outside of the etch lsbdistcodename selector as this package should be the latest on every release of debian, not just etch 2008-09-29 00:17:31 +02:00			`package { "debian-backports-keyring":`
			`ensure => latest,`
			`}`

			`# This key was downloaded from`
			`# http://backports.org/debian/archive.key`
			`# and is needed to bootstrap the backports trustpath`
			`file { "${apt_base_dir}/backports.org.key":`
			`source => "puppet://$servername/apt/backports.org.key",`
			`mode => 0444, owner => root, group => root,`
			`}`
			`exec { "/usr/bin/apt-key add ${apt_base_dir}/backports.org.key && apt-get update":`
			`alias => "backports_key",`
			`refreshonly => true,`
			`subscribe => File["${apt_base_dir}/backports.org.key"],`
			`before => [ File[apt_config], Package["debian-backports-keyring"] ]`
			`}`
modularised apt git-svn-id: http://club.black.co.at:82/svn/manifests/trunk@58 f03ff2f1-f02d-0410-970d-b9634babeaa1 2007-06-25 11:50:19 +02:00			`}`
			`}`
add $custom_key_dir which lets you specify a directory where you will place apt repository keys that should be added to apt-key 2008-09-29 18:12:31 +02:00
			`case $custom_key_dir {`
			`default: {`
			`file { "${apt_base_dir}/keys.d":`
			`source => "$custom_key_dir",`
			`recurse => yes,`
			`mode => 0755, owner => root, group => root,`
			`}`
			exec { "for key in `ls ${apt_base_dir/keys.d/` ; do /usr/bin/apt-key add ${apt_base_dir}/$key && apt-get update":
			`alias => "custom_keys",`
			`refreshonly => true,`
			`before => File[apt_config];`
			`}`
			`}`
			`}`
modularised apt git-svn-id: http://club.black.co.at:82/svn/manifests/trunk@58 f03ff2f1-f02d-0410-970d-b9634babeaa1 2007-06-25 11:50:19 +02:00			`}`
add $custom_key_dir which lets you specify a directory where you will place apt repository keys that should be added to apt-key 2008-09-29 18:12:31 +02:00
use apt-get instead of dselect and create a dselect class for dselect configuration, making dselect optional 2008-01-25 22:41:26 +01:00
			`class dselect {`
			`# suppress annoying help texts of dselect`
			`line { dselect_expert:`
			`file => "/etc/dpkg/dselect.cfg",`
			`line => "expert",`
			`ensure => present,`
			`}`

			`package { dselect: ensure => installed }`
			`}`