Merge remote branch 'riseup/master'

Conflicts: manifests/init.pp
2010-10-17 20:35:35 -04:00 · 2010-10-17 20:35:35 -04:00 · 296593bcbd
commit 296593bcbd
parent 521ccfec19 356ff93340
5 changed files with 30 additions and 97 deletions
--- a/7
+++ b/7
@ -1,3 +1,4 @@
+
 Overview
 ========

@ -6,7 +7,7 @@ This module manages apt on Debian.
 It keeps dpkg's and apt's databases as well as the keyrings for securing
 package download current.

-backports.org is added and an archive key is provided[1].
+backports.debian.org is added.

 dselect is switched to expert mode to suppress superfluous help screens.

@ -138,7 +139,3 @@ Sometimes -- especially when initially starting management or deploying new
 packages -- a immediate update is really needed to be able to install the right
 packages without errors. Thus a method should be devised to be able to specify
 with high fidelity when a update should be run and when it is not needed.
-
-
-
-[1] Of course, you should check the validity of _this_ key yourself.
--- a/files/backports.org.key
+++ b/files/backports.org.key
@ -1,33 +0,0 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1.4.3 (GNU/Linux)
-
-mQGiBEMIgw4RBADueqAzlq+rQT9JYSSWnNzo6C+9crI8lzW/fcl2Q3PO97MOQTOx
-Qsf/lOh0Ku7O+VdBa+BwVPuUkSw6wTY5Ku1y/6r1BQzJ9oHkryDDJXsHzKhpdyFc
-/lD4hNGqRkiNg5ulwAI0O1eqffPWDmeR9ZzSsqM40f1U4TNLfPAu1viWxwCgnbWz
-onY6RqSYlRsDQaPsNTwieVEEAJeX2FGgNepD1SvfEremAkWCrYYlSZI76iTIf6bd
-kGkWqIT0vJyE2MNenhDJ2ebbHJVFmL9x8S3m1daC4Zwnacm7aoCY/QgMJ+Js1Fex
-Acev48W9KHgpVbFMd1t8KAwRbmFcQf0C/FZUbE7xScpTxS4z3SsMOuRyfnGpDOi6
-m/SnA/9wpquf3pPwbPykzKWNJEDouiJgt0zaFLauKDPeyTWeJ6htaAPDglArewdq
-bJ9M8QgLFtzjhg/fBQlRRUk7YP4OYtp1OdPkg2D/1rPQNySWlDf21T3N/K8ydKhR
-bYi+AsPuJLQUi3d+lVTFOebaL9felePvDC2/Eod7PSD1/rnkZ7Q0QmFja3BvcnRz
-Lm9yZyBBcmNoaXZlIEtleSA8ZnRwLW1hc3RlckBiYWNrcG9ydHMub3JnPohGBBAR
-AgAGBQJDgImkAAoJEHFe1qB+e4rJ2x4An2oI4xJpDvOx8uDIo9ihG1M0MpUqAJ9S
-cqVUmiyYSPtu8MwcZecy9kmOIYheBBMRAgAeBQJDCIMOAhsDBgsJCAcDAgMVAgMD
-FgIBAh4BAheAAAoJEOqOiyEWuhNsDt4AniaEBvlr4oVFMrGgPiye7iE/jv68AJ48
-OkIfwcKJt7N8ImPAboeimFvWgIheBBMRAgAeBQJDCIMOAhsDBgsJCAcDAgMVAgMD
-FgIBAh4BAheAAAoJEOqOiyEWuhNsDt4AnjdB14rGa/rzz1ohwsi1oEnDRYuyAJ44
-Nv8MTPjOaeEZArQ0flg8OXwF37kCDQRDCIMREAgAzXu6DGSDAz4JH+mlthtiQwNZ
-FU8bjWanGT3DL6zubxwc3ZQmRaMOiVuvJUuaJv8fdGRSvp09dP2/x5mzq2rACiEn
-DwZssNSK5sigxgy2W9zeO9bOtg6bhqZLwlsL8Y2xZhyGL3qGeP4zL1QbXZ1QdJuO
-90Xu7GWYS6Wsj+Y6dUsZFYvTZwSiLkEmgFUTxkNue3DQtZ/KNkwoKc+aqU+S7gDN
-StQDvTNtR6IV11KbKcY1iQ0B2bkh4zShWwloIr83V6huAhfH8GA7UW6saRJAof5D
-JWUb+PRmU2TAOOlyZoM4nMH+sFFDPOeG8fbecwlox5BRTMqcCB5ELbQXoVZT+wAD
-BQf/ffI9R53f9USQkhsSak+k82JjRo9hqKAvPwBv3fDhMYqX3XRmwgNeax2y6Ub0
-AQkDhIC6eJILP5hTb2gjpmYYP7YE/7F1h37lUg7dDYeyPQF54mUXPnIg3uQ/V9HB
-TY+ZW8rsVe1KRvPAuVFU77FfCvIFdLSXVi1HSUcGv9Y7Kk4Tkr7vzKshlcIp6zZr
-O0Y3t/+ekBwTTQqEoUylVYkCSt3z6bjpVWbepkL88rbqJnPueTATw9shjbFYaND8
-cXZox9tQmlOIZ6gDeH1YvFf7ObRLxULm7C6hwik6agtXWkNABVXSxM6MB4hcP9QC
-+FEhK6y/7wC3SyNRBuFujDG1aohJBBgRAgAJBQJDCIMRAhsMAAoJEOqOiyEWuhNs
-VVMAoJ1gbL0PHVf7yDwMjO3HuJBErxLdAJ4v9ojJnvJu2yUl4W586soBm+wsLg==
-=fBrI
-----END PGP PUBLIC KEY BLOCK-----
--- a/manifests/init.pp
+++ b/manifests/init.pp
@ -36,7 +36,7 @@ class apt {
    default: {
      config_file { "/etc/apt/preferences":
        content => $custom_preferences,
-        alias => apt_config,
+        alias => "apt_config",
        require => File["/etc/apt/sources.list"];
      }
    }
@ -57,71 +57,38 @@ class apt {
    'refresh_apt':
      command => '/usr/bin/apt-get update && sleep 1',
      refreshonly => true,
-      subscribe => [ File["/etc/apt/sources.list"],
-                     File["/etc/apt/preferences"], 
-                     File["/etc/apt/apt.conf.d"],
-                     Config_file[apt_config] ];
+      subscribe => [ File["/etc/apt/sources.list", "/etc/apt/preferences", "/etc/apt/apt.conf.d"],
+                     Config_file["apt_config"] ];
      'update_apt':
        command => '/usr/bin/apt-get update && /usr/bin/apt-get autoclean',
-        require => [ File["/etc/apt/sources.list"],
-                     File["/etc/apt/preferences"], Config_file[apt_config] ],
+        require => [ File["/etc/apt/sources.list", "/etc/apt/preferences"], Config_file["apt_config"] ],
        loglevel => info,
        # Another Semaphor for all packages to reference
-        alias => apt_updated;
+        alias => "apt_updated";
  }

  ## This package should really always be current
  package { "debian-archive-keyring": ensure => latest }
+  # backports uses the normal archive key now
+  package { "debian-backports-keyring": ensure => absent }
        
-  case $lsbdistcodename {
-    etch: {
-      package { "debian-backports-keyring": ensure => latest }
-                
-      # This key was downloaded from
-      # http://backports.org/debian/archive.key
-      # and is needed to bootstrap the backports trustpath
-      file { "${apt_base_dir}/backports.org.key":
-        source => "puppet:///modules/apt/backports.org.key",
-        mode => 0444, owner => root, group => root,
+  case $custom_key_dir {
+    '': {
+      exec { "/bin/true # no_custom_keydir": }
+    }
+    default: {
+      file { "${apt_base_dir}/keys.d":
+        source => "$custom_key_dir",
+        recurse => true,
+        mode => 0755, owner => root, group => root,
      }
-      exec { "/usr/bin/apt-key add ${apt_base_dir}/backports.org.key && apt-get update":
-        alias => "backports_key",
+      exec { "find ${apt_base_dir}/keys.d -type f -exec apt-key add '{}' \\; && apt-get update":
+        alias => "custom_keys",
+        subscribe => File["${apt_base_dir}/keys.d"],
        refreshonly => true,
-        subscribe => File["${apt_base_dir}/backports.org.key"],
-        before => [ File[apt_config], Package["debian-backports-keyring"] ]
+        before => Config_file["apt_config"];
      }
    }
-    lenny: {
-      package { "debian-backports-keyring": ensure => latest }
-
-      # This key was downloaded from
-      # http://backports.org/debian/archive.key
-      # and is needed to bootstrap the backports trustpath
-      file { "${apt_base_dir}/backports.org.key":
-        source => "puppet:///modules/apt/backports.org.key",
-        mode => 0444, owner => root, group => root,
-      }
-      exec { "/usr/bin/apt-key add ${apt_base_dir}/backports.org.key && apt-get update":
-        alias => "backports_key",
-        refreshonly => true,
-        subscribe => File["${apt_base_dir}/backports.org.key"],
-        before => [ Config_file[apt_config], Package["debian-backports-keyring"] ]
-      }
-    }
-  }
-
-  if $custom_key_dir {
-    file { "${apt_base_dir}/keys.d":
-      source => "$custom_key_dir",
-      recurse => true,
-      mode => 0755, owner => root, group => root,
-    }
-    exec { "find ${apt_base_dir}/keys.d -type f -exec apt-key add '{}' \\; && apt-get update":
-      alias => "custom_keys",
-      subscribe => File["${apt_base_dir}/keys.d"],
-      refreshonly => true,
-      before => Config_file[apt_config];
-    }
  }

  # workaround for preseeded_package component
--- a/templates/sources.list.backports.erb
+++ b/templates/sources.list.backports.erb
@ -0,0 +1,8 @@
+# This file is brought to you by puppet
+
+# backports
+<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%>
+# There are no backports for for <%= lsbdistcodename %>
+<% else -%>
+deb http://backports.debian.org/debian-backports/ <%= lsbdistcodename %>-backports main
+<% end -%>
--- a/templates/sources.list.erb
+++ b/templates/sources.list.erb
@ -9,9 +9,3 @@ deb http://ftp.debian.org/debian/ <%= lsbdistcodename %> main contrib non-free
 deb http://security.debian.org/ <%= lsbdistcodename %>/updates main contrib non-free
 <% end -%>

-# backports
-<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%>
-# There are no backports for for <%= lsbdistcodename %>
-<% else -%>
-deb http://www.backports.org/debian/ <%= lsbdistcodename %>-backports main
-<% end -%>