Merge remote-tracking branch 'riseup/immerda_27_readme' into shared

Conflicts: README manifests/cron/dist_upgrade.pp manifests/cron/download.pp manifests/init.pp manifests/preferences.pp
2013-01-02 16:14:06 +01:00 · 2013-01-02 16:14:06 +01:00 · 517040bb2e
commit 517040bb2e
parent cda713fcf6 07a031f205
25 changed files with 449 additions and 397 deletions
--- a/326
+++ b/326
@ -15,6 +15,78 @@ prevent accidental upgrades.

 Ubuntu support is lagging behind but not absent either.

+! Upgrade Notice !
+
+ * the apt class has been moved to a paramterized class. if you were including
+   this class before, after passing some variables, you will need to move to
+   instantiating the class with those variables instead. For example, if you 
+   had the following in your manifests:
+
+    $apt_debian_url = "http://localhost:9999/debian/"
+    $apt_use_next_release = true
+    include apt
+ 
+   you will need to remove the variables, and the include and instead do
+   the following:
+
+    class { 'apt': debian_url => "http://localhost:9999/debian/", use_next_release => true }
+
+   previously, you could manually set $lsbdistcodename which would enable forced
+   upgrades, but because this is a top-level facter variable, and newer puppet
+   versions do not let you assign variables to other namespaces, this is no
+   longer possible. However, there is a way to obtain this functionality, and
+   that is to pass the 'codename' parameter to the apt class, which will change
+   the sources.list and preferences files to be the codename you set, allowing
+   you to trigger upgrades:
+
+   include apt::dist_upgrade
+   class { 'apt': codename => 'wheezy', notify => Exec['apt_dist-upgrade'] }
+
+ * the apticron class has been moved to a parameterized class.  if you were
+   including this class before, you will need to move to instantiating the
+   class instead. For example, if you had the following in your manifests:
+
+    $apticron_email = "foo@example.com"
+    $apticron_notifynew = "1"
+    ... any $apticron_* variables
+    include apticron
+
+   you will need to remove the variables, and the include and instead do the
+   following:
+
+    class { 'apt::apticron': email => "foo@example.com", notifynew => '1' }
+
+ * the apt::listchanges class has been moved to a paramterized class. if you
+   were including this class before, after passing some variables, you will need
+   to move to instantiating the class with those variables instead. For example,
+   if you had the following in your manifests:
+
+    $apt_listchanges_email = "foo@example.com"
+    ... any $apt_listchanges_* variables
+    include apt::listchanges
+
+   you will need to remove the variables, and the include and instead do the
+   following:
+ 
+    class { 'apt::listchanges': email => "foo@example.com" }
+   
+ * the apt::proxy_client class has been moved to a paramterized class. if you
+   were including this class before, after passing some variables, you will need
+   to move to instantiating the class with those variables instead. For example,
+   if you had the following in your manifests:
+
+    $apt_proxy = 'http://proxy.domain'
+    $apt_proxy_port = 666
+    include apt::proxy_client
+
+   you will need to remove the variables, and the include and instead do the
+   following:
+
+    class { 'apt::proxy_client': proxy => 'http://proxy.domain', port => '666' }
+
+Requirements
+============
+
 This module needs:

 - the lsb module: git://labs.riseup.net/shared-lsb
@ -43,12 +115,14 @@ site_apt/files/some.host.com/03clean_vserver)
 Variables
 =========

-$lsbdistcodename
----------------
+$apt_disable_update
+-------------------

-Contains the codename ("etch", "lenny", ...) of the client's
-release. While these values come from lsb-release by default, this
-value can be set manually too, e.g. to enable forced upgrades.
+Disable "apt-get update" which is normally triggered by apt::upgrade_package 
+and apt::dist_upgrade. 
+Note that nodes can be updated once a day by using 
+  APT::Periodic::Update-Package-Lists "1";
+in i.e. /etc/apt/apt.conf.d/80_apt_update_daily.

 $custom_sources_list
 --------------------
@ -63,26 +137,6 @@ pull in the templates/site_apt/sources.list file:

  $custom_sources_list = template("site_apt/sources.list")

-$custom_preferences
-------------------
-
-Since Debian Lenny's version of APT doesn't support the use of the
-preferences.d directory for putting fragments of 'preferences', this
-module will manage a default generic apt/preferences file with more
-recent releases pinned to very low values so that any package
-installation will not accidentally pull in packages from those suites
-unless you explicitly specify the version number. This file will be
-complemented with all of the preferences_snippet calls (see below).
-
-If the default preferences template doesn't suit your needs, you can create a
-template located in your site_apt module, and set $custom_preferences with the
-content (eg. $custom_preferences = template('site_apt/preferences') )
-
-Setting this variable to false before including this class will force the
-apt/preferences file to be absent:
-
-  $custom_preferences = false
-
 $custom_key_dir
 ---------------

@ -94,73 +148,6 @@ exist there, this module will 'apt-key add' each key.
 The debian-archive-keyring package is installed and kept current up to the
 latest revision (this includes the backports archive keyring).

-$apt_proxy / $apt_proxy_port
----------------------------
-
-When you include the apt::proxy_client class in your nodes, you can set the
-$apt_proxy variable to the URL of the proxy that will be used.
-By default, the proxy will be queried on port 3142, but you can change the port
-number by setting the $apt_proxy_port variable.
-
-Here's an example of setting the proxy to 'http://proxy.domain' at port 666:
-
-  $apt_proxy = 'http://proxy.domain'
-  $apt_proxy_port = 666
-  include apt::proxy_client
-
-$apt_volatile_enabled
-----------------
-
-If this variable is set to true the Debian Volatile sources (until
-Lenny) or CODENAME-updates (such as squeeze-updates, supported since
-Squeeze) are added.
-By default this is false for backward compatibility with older
-versions of this module.
-
-$apt_include_src
----------------
-
-If this variable is set to true a deb-src source is added for every
-added binary archive source.
-By default this is false for backward compatibility with older
-versions of this module.
-
-$apt_use_next_release
---------------------
-
-If this variable is set to true the sources for the next Debian
-release are added. The default pinning configuration pins it to very
-low values.
-By default this is false for backward compatibility with older
-versions of this module.
-
-$apt_debian_url, $apt_security_url, $apt_backports_url, $apt_volatile_url
-------------------------------------------------------------------------
-
-These variables allow to override the default APT mirrors respectively
-used for the standard Debian archives, the Debian security archive,
-the Debian official backports and the Debian Volatile archive.
-
-$apt_ubuntu_url
---------------
-
-These variables allows to override the default APT mirror used for all
-standard Ubuntu archives (including updates, security, backports).
-
-$apt_repos
----------
-
-If this variable is set the default repositories list ("main contrib non-free")
-is overriden.
-
-$apt_disable_update
-------------------
-
-Disable "apt-get update" which is normally triggered by apt::upgrade_package 
-and apt::dist_upgrade. 
-Note that nodes can be updated once a day by using 
-  APT::Periodic::Update-Package-Lists "1";
-in i.e. /etc/apt/apt.conf.d/80_apt_update_daily.

 Classes
 =======
@ -168,27 +155,113 @@ Classes
 apt
 ---

-The apt class sets up most of the documented functionality. To use
-functionality that is not enabled by default, you must include one of
-the following classes.
+The apt class sets up most of the documented functionality. To use functionality
+that is not enabled by default, you must set one of the following parameters.
+
+Example usage:
+
+ class { 'apt': use_next_release => true, debian_url => 'http://localhost:9999/debian/" }
+
+volatile_enabled
+-----------------
+
+If this variable is set to true the Debian Volatile sources (until
+Lenny) or CODENAME-updates (such as squeeze-updates, supported since
+Squeeze) are added.
+
+By default this is false for backward compatibility with older
+versions of this module.
+
+include_src
+------------
+
+If this variable is set to true a deb-src source is added for every
+added binary archive source.
+
+By default this is false for backward compatibility with older
+versions of this module.
+
+use_next_release
+-----------------
+
+If this variable is set to true the sources for the next Debian
+release are added. The default pinning configuration pins it to very
+low values.
+
+By default this is false for backward compatibility with older
+versions of this module.
+
+debian_url, security_url, backports_url, volatile_url
+------------------------------------------------------
+
+These variables allow to override the default APT mirrors respectively
+used for the standard Debian archives, the Debian security archive,
+the Debian official backports and the Debian Volatile archive.
+
+apt_ubuntu_url
+---------------
+
+These variables allows to override the default APT mirror used for all
+standard Ubuntu archives (including updates, security, backports).
+
+apt_repos
+----------
+
+If this variable is set the default repositories list ("main contrib non-free")
+is overriden.
+
+custom_preferences
+-------------------
+
+Since Debian Lenny's version of APT doesn't support the use of the
+preferences.d directory for putting fragments of 'preferences', this
+module will manage a default generic apt/preferences file with more
+recent releases pinned to very low values so that any package
+installation will not accidentally pull in packages from those suites
+unless you explicitly specify the version number. This file will be
+complemented with all of the preferences_snippet calls (see below).
+
+If the default preferences template doesn't suit your needs, you can create a
+template located in your site_apt module, and set custom_preferences with the
+content (eg. custom_preferences => template('site_apt/preferences') )
+
+Setting this variable to false before including this class will force the
+apt/preferences file to be absent:
+
+  class { 'apt': custom_preferences => false }
+
+codename
+--------
+
+Contains the codename ("squeeze", "wheezy", ...) of the client's release. While
+these values come from lsb-release by default, this parameter can be set
+manually, e.g. to enable forced upgrades. For example:
+
+   include apt::dist_upgrade
+   class { 'apt': codename => 'wheezy', notify => Exec['apt_dist-upgrade'] }
+

 apt::apticron
 -------------

-When you include this class, apticron will be installed, with the following
-defaults, which you are free to change before you include the class:
+When you instantiate this class, apticron will be installed, with the following
+defaults, which you are free to change:

- $apticron_ensure_version = 'present'
- $apticron_email = 'root'
- $apticron_config = "apt/${operatingsystem}/apticron_${lsbrelease}.erb"
- $apticron_diff_only = 1
- $apticron_listchanges_profile = 'apticron'
- $apticron_system = false 
- $apticron_ipaddressnum = false 
- $apticron_ipaddresses = false 
- $apticron_notifyholds = 0
- $apticron_notifynew = 0
- $apticron_customsubject = ''
+  $ensure_version = 'installed',
+  $config = "apt/${::operatingsystem}/apticron_${::lsbdistcodename}.erb",
+  $email = 'root',
+  $diff_only = '1',
+  $listchanges_profile = 'apticron',
+  $system = false,
+  $ipaddressnum = false,
+  $ipaddresses = false,
+  $notifyholds = '0',
+  $notifynew = '0',
+  $customsubject = ''
+
+Example usage:
+
+ class { 'apt::apticron': email => "foo@example.com", notifynew => '1' }

 apt::cron::download
 -------------------
@ -237,7 +310,7 @@ file's content changes. The initiator file is copied from the first
 available source amongst the following ones, in decreasing priority
 order:

- puppet:///modules/site_apt/${fqdn}/upgrade_initiator
+- puppet:///modules/site_apt/${::fqdn}/upgrade_initiator
 - puppet:///modules/site_apt/upgrade_initiator
 - puppet:///modules/apt/upgrade_initiator

@ -261,22 +334,33 @@ suppress superfluous help screens.
 apt::listchanges
 ----------------

-This class, when included, installs apt-listchanges and configures it using the
-following variables, the defaults are below:
+This class, when instantiated, installs apt-listchanges and configures it using
+the following parameterized variables, which can be changed:

- $apt_listchanges_version = 'present'
- $apt_listchanges_config = "apt/${operatingsystem}/listchanges_${lsbrelease}.erb"
- $apt_listchanges_frontend = 'pager'
- $apt_listchanges_email = 'root'
- $apt_listchanges_confirm = 0
- $apt_listchanges_saveseen = '/var/lib/apt/listchanges.db'
- $apt_listchanges_which = 'both'
+ version = "present"
+ config = "apt/${::operatingsystem}/listchanges_${::lsbrelease}.erb"
+ frontend = 'pager'
+ email = 'root'
+ confirm = 0
+ saveseen = '/var/lib/apt/listchanges.db'
+ which = 'both'

+ Example usage:
+  class { 'apt::listchanges': email => "foo@example.com" }
+ 
 apt::proxy_client
 -----------------

 This class adds the right configuration to apt to make it fetch packages via a
-proxy. The variables $apt_proxy and $apt_proxy_port need to be set (see above).
+proxy. The class parameters apt_proxy and apt_proxy_port need to be set:
+
+You can set the 'proxy' class parameter variable to the URL of the proxy that
+will be used.  By default, the proxy will be queried on port 3142, but you can
+change the port number by setting the 'port' class parameter.
+
+Example:
+
+ class { 'apt::proxy_client': proxy => 'http://proxy.domain', port => '666' }

 apt::reboot_required_notify
 ---------------------------
@ -351,7 +435,7 @@ apt::preseeded_package
 This simplifies installation of packages for which you wish to preseed the
 answers to debconf. For example, if you wish to provide a preseed file for the
 locales package, you would place the locales.seed file in
-'site_apt/templates/$lsbdistcodename/locales.seeds' and then include the
+'site_apt/templates/${::lsbdistcodename}/locales.seeds' and then include the
 following in your manifest:

  apt::preseeded_package { locales: }
@ -374,7 +458,7 @@ meta-parameter to define content inline or with the help of a template.
 Example:

  apt::sources_list { "company_internals.list":
-    source => ["puppet:///modules/site_apt/${fqdn}/company_internals.list",
+    source => ["puppet:///modules/site_apt/${::fqdn}/company_internals.list",
               "puppet:///modules/site_apt/company_internals.list"],
  }

--- a/files/lenny/50unattended-upgrades
+++ b/files/lenny/50unattended-upgrades
@ -0,0 +1,57 @@
+// this file is managed by puppet !
+//
+//See https://wiki.ubuntu.com/AutomaticUpdates for more details about this feature.
+
+// allowed (origin, archive) pairs
+Unattended-Upgrade::Allowed-Origins {
+	"Debian oldstable";
+	"Debian-Security oldstable";
+//	"Debian testing";
+};
+
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Unattended-Upgrade "1";
+Unattended-Upgrade::Mail "root";
+
+APT::UnattendedUpgrades::LogDir "/var/log/";
+APT::UnattendedUpgrades::LogFile "unattended_upgrades.log";
+
+Unattended-Upgrade::Package-Blacklist {
+	// we don't want the kernel to be updated so nagios still can give a warning if there is
+	// a manual update (and reboot) left
+
+        "linux-image-*";
+
+	// unfortunately there seems to be a bug in unattended-upgrades <= 0.62 that wildcards aren't recognized:
+	//2009-12-11 13:41:43,267 INFO Initial blacklisted packages: linux-image-*
+	//2009-12-11 13:41:43,267 INFO Starting unattended upgrades script
+	//2009-12-11 13:41:43,267 INFO Allowed origins are: ["['Debian', 'stable']", "['Debian-Security', 'stable']"]
+	//2009-12-11 13:41:45,233 INFO Packages that are upgraded: linux-image-2.6.26-2-amd64
+	//2009-12-11 13:41:45,233 INFO Writing dpkg log to '/var/log/unattended-upgrades-dpkg_2009-12-11_13:41:45.233713.log'
+	//2009-12-11 13:42:11,988 INFO All upgrades installed
+
+        // lenny
+	"linux-image-2.6.26-1-686";
+	"linux-image-2.6.26-1-amd64";
+        "linux-image-2.6.26-1-xen-686";
+        "linux-image-2.6.26-1-xen-amd64";
+	"linux-image-2.6.26-1-vserver-686";
+	"linux-image-2.6.26-1-vserver-amd64";
+
+	"linux-image-2.6.26-2-686";
+	"linux-image-2.6.26-2-amd64";
+        "linux-image-2.6.26-2-xen-686";
+        "linux-image-2.6.26-2-xen-amd64";
+	"linux-image-2.6.26-2-vserver-686";
+	"linux-image-2.6.26-2-vserver-amd64";
+
+	// squeeze
+	"linux-image-2.6.32-5-686";
+	"linux-image-2.6.32-5-amd64";
+	"linux-image-2.6.32-5-xen-686";
+	"linux-image-2.6.32-5-xen-amd64";
+	"linux-image-2.6.32-5-vserver-686";
+	"linux-image-2.6.32-5-vserver-amd64";
+
+};
+
--- a/files/squeeze/50unattended-upgrades
+++ b/files/squeeze/50unattended-upgrades
--- a/manifests/apticron.pp
+++ b/manifests/apticron.pp
@ -1,53 +1,21 @@
-class apt::apticron {
+class apt::apticron(
+  $ensure_version = 'installed',
+  $config = "apt/${::operatingsystem}/apticron_${::lsbdistcodename}.erb",
+  $email = 'root',
+  $diff_only = '1',
+  $listchanges_profile = 'apticron',
+  $system = false,
+  $ipaddressnum = false,
+  $ipaddresses = false,
+  $notifyholds = '0',
+  $notifynew = '0',
+  $customsubject = ''
+) {

-  case $apticron_ensure_version {
-    '': { $apticron_ensure_version = "present" }
-  }
-
-  case $apticron_config {
-    '': { $apticron_config = "apt/${operatingsystem}/apticron_${lsbdistcodename}.erb" }
-  }
-
-  case $apticron_email {
-    '': { $apticron_email = "root" }
-  }
-
-  case $apticron_diff_only {
-    '': { $apticron_diff_only = "1" }
-  }
-
-  case $apticron_listchanges_profile {
-    '': { $apticron_listchanges_profile = "apticron" }
-  }
-
-  case $apticron_system {
-    '': { $apticron_system = false }
-  }
-
-  case $apticron_ipaddressnum {
-    '': { $apticron_ipaddressnum = false }
-  }
-
-  case $apticron_ipaddresses {
-    '': { $apticron_ipaddresses = false }
-  }
-
-  case $apticron_notifyholds {
-    '': { $apticron_notifyholds = "0" }
-  }
-
-  case $apticron_notifynew {
-    '': { $apticron_notifynew = "0" }
-  }
-
-  case $apticron_customsubject {
-    '': { $apticron_customsubject = "" }
-  }
-  
-  package { apticron: ensure => $apticron_ensure_version }
+  package { apticron: ensure => $ensure_version }

  file { "/etc/apticron/apticron.conf":
-    content => template($apticron_config),
+    content => template($apt::apticron::config),
    mode => 0644, owner => root, group => root,
    require => Package["apticron"];  
  }
--- a/manifests/cron/dist_upgrade.pp
+++ b/manifests/cron/dist_upgrade.pp
@ -10,15 +10,16 @@ dist-upgrade -y -o APT::Get::Show-Upgraded=true -o 'DPkg::Options::=--force-conf

  package { "apt-listbugs": ensure => absent }

-  file {
-    "/etc/cron-apt/action.d/4-dist-upgrade":
-      content => $action,
-      mode => 0644, owner => root, group => 0,
-      require => Package[cron-apt];
-    "/etc/cron-apt/config.d/MAILON":
-      content => "MAILON=upgrade\n",
-      mode => 0644, owner => root, group => 0,
-      require => Package[cron-apt];
+  file { "/etc/cron-apt/action.d/4-dist-upgrade":
+    content => $action,
+    require => Package[cron-apt],
+    owner => root, group => 0, mode => 0644;
+  }
+
+  file { "/etc/cron-apt/config.d/MAILON":
+    content => "MAILON=upgrade\n",
+    require => Package[cron-apt],
+    owner => root, group => 0, mode => 0644;
  }

 }
--- a/manifests/cron/download.pp
+++ b/manifests/cron/download.pp
@ -8,15 +8,16 @@ dist-upgrade -d -y -o APT::Get::Show-Upgraded=true
    ensure => absent,
  }

-  file {
-    "/etc/cron-apt/action.d/3-download":
-      content => $action,
-      mode => 0644, owner => root, group => 0,
-      require => Package[cron-apt];
-    "/etc/cron-apt/config.d/MAILON":
-      content => "MAILON=changes\n",
-      mode => 0644, owner => root, group => 0,
-      require => Package[cron-apt];
+  file { "/etc/cron-apt/action.d/3-download":
+    content => $action,
+    require => Package[cron-apt],
+    owner => root, group => 0, mode => 0644;
+  }
+
+  file { "/etc/cron-apt/config.d/MAILON":
+    content => "MAILON=changes\n",
+    require => Package[cron-apt],
+    owner => root, group => 0, mode => 0644;
  }

 }
--- a/manifests/dist_upgrade/initiator.pp
+++ b/manifests/dist_upgrade/initiator.pp
@ -10,7 +10,7 @@ class apt::dist_upgrade::initiator inherits apt::dist_upgrade {
    path     => "${initiator_abs}",
    checksum => md5,
    source   => [
-                 "puppet:///modules/site_apt/${fqdn}/${initiator}",
+                 "puppet:///modules/site_apt/${::fqdn}/${initiator}",
                 "puppet:///modules/site_apt/${initiator}",
                 "puppet:///modules/apt/${initiator}",
                ],
--- a/manifests/init.pp
+++ b/manifests/init.pp
@ -3,59 +3,31 @@
 # Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
 # See LICENSE for the full license granted to you.

-class apt {
-
-  $use_volatile = $apt_volatile_enabled ? {
-    ''      => false,
-    default => $apt_volatile_enabled,
-  }
-
-  $include_src = $apt_include_src ? {
-    ''      => false,
-    default => $apt_include_src,
-  }
-
-  $use_next_release = $apt_use_next_release ? {
-    ''      => false,
-    default => $apt_use_next_release,
-  }
-
-  $debian_url = $apt_debian_url ? {
-    ''      => 'http://http.debian.net/debian/',
-    default => "${apt_debian_url}",
-  }
-  $security_url = $apt_security_url ? {
-    ''      => 'http://security.debian.org/',
-    default => "${apt_security_url}",
-  }
-  $backports_url = $apt_backports_url ? {
-    ''      => 'http://backports.debian.org/debian-backports/',
-    default => "${apt_backports_url}",
-  }
-  $volatile_url = $apt_volatile_url ? {
-    ''      => 'http://volatile.debian.org/debian-volatile/',
-    default => "${apt_volatile_url}",
-  }
-  $ubuntu_url = $apt_ubuntu_url ? {
-    ''      => 'http://archive.ubuntu.com/ubuntu',
-    default => "${apt_ubuntu_url}",
-  }
-  $disable_update = $apt_disable_update ? {
-    ''      => false,
-    default => $apt_disable_update  
-  }
-
-  case $operatingsystem {
+class apt(
+  $codename = '',
+  $use_volatile = false,
+  $include_src = false,
+  $use_next_release = false,
+  $debian_url = 'http://http.debian.net/debian/',
+  $security_url = 'http://security.debian.org/',
+  $backports_url = 'http://backports.debian.org/debian-backports/',
+  $volatile_url = 'http://volatile.debian.org/debian-volatile/',
+  $ubuntu_url = 'http://archive.ubuntu.com/ubuntu',
+  $repos = 'auto',
+  $custom_preferences = '',
+  $disable_update = false
+){
+  case $::operatingsystem {
    'debian': {
-      $repos = $apt_repos ? {
-        ''      => 'main contrib non-free',
-        default => "${apt_repos}",
+      $real_repos = $repos ? {
+        'auto'      => 'main contrib non-free',
+        default => $repos,
      }
    }
    'ubuntu': {
-      $repos = $apt_repos ? {
+      $real_repos = $repos ? {
        ''      => 'main restricted universe multiverse',
-        default => "${apt_repos}",
+        default => $repos,
      }
    }
  }
@ -68,16 +40,15 @@ class apt {
  include lsb

  # init $release, $next_release, $codename, $next_codename, $release_version
-  case $lsbdistcodename {
+  case $codename {
    '': {
-      $codename = $lsbdistcodename
-      $release = $lsbdistrelease
+      $codename = $::lsbdistcodename
+      $release = $::lsbdistrelease
    }
    'n/a': {
      fail("Unknown lsbdistcodename reported by facter: '$lsbdistcodename', please fix this by setting this variable in your manifest.")
-    } 
+    }
    default: {
-      $codename = $lsbdistcodename
      $release = debian_release($codename)
    }
  }
@ -90,23 +61,24 @@ class apt {
    # additional sources should be included via the apt::sources_list define
    "/etc/apt/sources.list":
      content => $custom_sources_list ? {
-        '' => template( "apt/$operatingsystem/sources.list.erb"),
+        '' => template( "apt/${::operatingsystem}/sources.list.erb"),
        default => $custom_sources_list
      },
      mode => 0644, owner => root, group => 0,
      require => Package['lsb'],
      notify => Exec['refresh_apt'],
+      owner => root, group => 0, mode => 0644;
  }

  apt_conf { "02show_upgraded":
-    source => [ "puppet:///modules/site_apt/${fqdn}/02show_upgraded",
+    source => [ "puppet:///modules/site_apt/${::fqdn}/02show_upgraded",
                "puppet:///modules/site_apt/02show_upgraded",
                "puppet:///modules/apt/02show_upgraded" ]
  }

-  if ( $virtual == "vserver" ) {
+  if ( $::virtual == "vserver" ) {
    apt_conf { "03clean_vserver":
-      source => [ "puppet:///modules/site_apt/${fqdn}/03clean_vserver",
+      source => [ "puppet:///modules/site_apt/${::fqdn}/03clean_vserver",
                  "puppet:///modules/site_apt/03clean_vserver",
                  "puppet:///modules/apt/03clean_vserver" ],
      alias => "03clean";
@ -114,7 +86,7 @@ class apt {
  }
  else {
    apt_conf { "03clean":
-      source => [ "puppet:///modules/site_apt/${fqdn}/03clean",
+      source => [ "puppet:///modules/site_apt/${::fqdn}/03clean",
                  "puppet:///modules/site_apt/03clean",
                  "puppet:///modules/apt/03clean" ]
    }
@ -131,13 +103,6 @@ class apt {
    }
  }

-  # backward compatibility: upgrade from previous versions of this module.
-  file {
-    [ "/etc/apt/apt.conf.d/from_puppet", "/etc/apt/apt.conf.d/99from_puppet" ]:
-      ensure  => 'absent',
-      require => [ Apt_conf['02show_upgraded'], Apt_conf['03clean'] ];
-  }
-
  include apt::dot_d_directories

  ## This package should really always be current
--- a/manifests/listchanges.pp
+++ b/manifests/listchanges.pp
@ -1,37 +1,16 @@
-class apt::listchanges {
-
-  case $apt_listchanges_version {
-    '': { $apt_listchanges_version = "present" }
-  }
-
-  case $apt_listchanges_config {
-    '': { $apt_listchanges_config = "apt/${operatingsystem}/listchanges_${lsbdistcodename}.erb" }
-  }
-
-  case $apt_listchanges_frontend {
-    '': { $apt_listchanges_frontend = "mail" }
-  }
-
-  case $apt_listchanges_email {
-    '': { $apt_listchanges_email = "root" }
-  }
-
-  case $apt_listchanges_confirm {
-    '': { $apt_listchanges_confirm = "0" }
-  }
-
-  case $apt_listchanges_saveseen {
-    '': { $apt_listchanges_saveseen = "/var/lib/apt/listchanges.db" }
-  }
-
-  case $apt_listchanges_which {
-    '': { $apt_listchanges_which = "both" }
-  }
-
-  package { apt-listchanges: ensure => $apt_listchanges_ensure_version }
+class apt::listchanges(
+  $ensure_version = 'installed',
+  $config = "apt/${::operatingsystem}/listchanges_${::lsbdistcodename}.erb",
+  $frontend = 'mail',
+  $email = 'root',
+  $confirm = '0',
+  $saveseen = '/var/lib/apt/listchanges.db',
+  $which = 'both'
+){
+  package { apt-listchanges: ensure => $ensure_version }
  
  file { "/etc/apt/listchanges.conf":
-    content => template($apt_listchanges_config),
+    content => template($apt::listchanges::config),
    mode => 0644, owner => root, group => root,
    require => Package["apt-listchanges"];
  }
--- a/manifests/preferences.pp
+++ b/manifests/preferences.pp
@ -2,8 +2,8 @@ class apt::preferences {

  $pref_contents = $custom_preferences ? {
    '' => $operatingsystem ? {
-      'debian' => template("apt/${operatingsystem}/preferences_${codename}.erb"),
-      'ubuntu' => template("apt/${operatingsystem}/preferences_${codename}.erb"),
+      'debian' => template("apt/${::operatingsystem}/preferences_${apt::codename}.erb"),
+      'ubuntu' => template("apt/${::operatingsystem}/preferences_${apt::codename}.erb"),
    },
    default => $custom_preferences
  }
--- a/manifests/preseeded_package.pp
+++ b/manifests/preseeded_package.pp
@ -1,12 +1,11 @@
 define apt::preseeded_package ($content = "", $ensure = "installed") {
-  $seedfile = "/var/cache/local/preseeding/$name.seeds"
-  $real_content = $content ? { 
-    ""      => template ( "site_apt/$lsbdistcodename/$name.seeds" ),
-    default => $content
-  }   
+  $seedfile = "/var/cache/local/preseeding/${name}.seeds"

  file { $seedfile:
-    content => $real_content,
+    content => $content ? { 
+      ""      => template ( "site_apt/${::lsbdistcodename}/${name}.seeds" ),
+      default => $content
+    },   
    mode => 0600, owner => root, group => root,
  }   

--- a/manifests/proxy_client.pp
+++ b/manifests/proxy_client.pp
@ -1,14 +1,7 @@
-class apt::proxy_client {
-
-  $real_apt_proxy = $apt_proxy ? {
-    "" => "http://localhost",
-    default => $apt_proxy
-  }
-
-  $real_apt_proxy_port = $apt_proxy_port ? {
-    "" => "3142",
-    default => $apt_proxy_port
-  }
+class apt::proxy_client(
+  $proxy = 'http://localhost',
+  $port = '3142',
+){

  apt_conf { "20proxy":
    content => template("apt/20proxy.erb"),
--- a/manifests/unattended_upgrades.pp
+++ b/manifests/unattended_upgrades.pp
@ -6,10 +6,10 @@ class apt::unattended_upgrades {
  }

  apt_conf { "50unattended-upgrades":
-    source  => ["puppet:///modules/site_apt/$lsbdistcodename/50unattended-upgrades",
-		"puppet:///modules/site_apt/50unattended-upgrades",
-		"puppet:///modules/apt/$lsbdistcodename/50unattended-upgrades",
-		"puppet:///modules/apt/50unattended-upgrades" ],
+    source  => [
+      "puppet:///modules/site_apt/${::lsbdistcodename}/50unattended-upgrades",
+  		"puppet:///modules/site_apt/50unattended-upgrades",
+	  	"puppet:///modules/apt/${::lsbdistcodename}/50unattended-upgrades" ],
    require => Package['unattended-upgrades'],
  }

--- a/manifests/update.pp
+++ b/manifests/update.pp
@ -3,7 +3,7 @@ class apt::update {
  exec { 'update_apt':
    command => '/usr/bin/apt-get update && /usr/bin/apt-get autoclean',
    require => [ File['/etc/apt/apt.conf.d', '/etc/apt/preferences' ],
-                 Config_file['/etc/apt/sources.list'] ],
+                 File['/etc/apt/sources.list'] ],
    loglevel => info,
    # Another Semaphor for all packages to reference
    alias => "apt_updated"
--- a/templates/20proxy.erb
+++ b/templates/20proxy.erb
@ -1,5 +1,5 @@
 // This file is managed by Puppet
 // all local modifications will be overwritten

-Acquire::http { Proxy "<%= real_apt_proxy %>:<%= real_apt_proxy_port %>"; };
+Acquire::http { Proxy "<%= proxy %>:<%= port %>"; };
 Acquire::HTTP::Proxy::bugs.debian.org "DIRECT";
--- a/templates/Debian/apticron_lenny.erb
+++ b/templates/Debian/apticron_lenny.erb
@ -2,7 +2,7 @@
 #
 # set EMAIL to a list of addresses which will be notified of impending updates
 #
-EMAIL="<%= apticron_email %>"
+EMAIL="<%= scope.lookupvar('apt::apticron::email') %>"

 #
 # Set DIFF_ONLY to "1" to only output the difference of the current run
@ -10,22 +10,22 @@ EMAIL="<%= apticron_email %>"
 # are no differences, no output/email will be generated. By default, apticron
 # will output everything that needs to be upgraded.
 #
-DIFF_ONLY="<%= apticron_diff_only %>"
+DIFF_ONLY="<%= scope.lookupvar('apt::apticron::diff_only') %>"

 #
 # Set LISTCHANGES_PROFILE if you would like apticron to invoke apt-listchanges
 # with the --profile option. You should add a corresponding profile to
 # /etc/apt/listchanges.conf
 #
-LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>"
+LISTCHANGES_PROFILE="<%= scope.lookupvar('apt::apticron::listchanges_profile') %>"

 #
 # Set SYSTEM if you would like apticron to use something other than the output
 # of "hostname -f" for the system name in the mails it generates
 #
 # SYSTEM="foobar.example.com"
-<%- if has_variable?('apticron_system') and instance_variable_get("@#{'apticron_system'}").to_s != "false" -%>
-<%= 'SYSTEM="' + instance_variable_get("@#{'apticron_system'}").to_s + '"' %>
+<%- unless scope.lookupvar('apt::apticron::system').to_s == "false" -%>
+<%= "SYSTEM=\"#{scope.lookupvar('apt::apticron::system')}\"" %>
 <%- end -%>

 #
@ -34,8 +34,8 @@ LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>"
 # family type (inet, inet6), if available.
 #
 # IPADDRESSNUM="1"
-<%- if has_variable?('apticron_ipaddressnum') and instance_variable_get("@#{'apticron_ipaddressnum'}").to_s != "false" -%>
-<%= 'IPADDRESSNUM="' + instance_variable_get("@#{'apticron_ipaddressnum'}").to_s + '"' %>
+<%- unless scope.lookupvar('apt::apticron::ipaddressnum').to_s == "false" -%>
+<%= "IPADDRESSNUM=\"#{scope.lookupvar('apt::apticron::ipaddressnum')}\"" %>
 <%- end -%>

 #
@ -44,6 +44,7 @@ LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>"
 # "ip" command
 #
 # IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1"
-<%- if has_variable?('apticron_ipaddresses') and instance_variable_get("@#{'apticron_ipaddresses'}").to_s != "false" -%>
-<%= 'IPADDRESSES="' + instance_variable_get("@#{'apticron_ipaddresses'}").to_s + '"' %>
-<%- end -%>
+<%- unless scope.lookupvar('apt::apticron::ipaddresses').to_s == "false" -%>
+<%= "IPADDRESSES=\"#{scope.lookupvar('apt::apticron::ipaddresses')}\"" %>
+<%- end -%>
+
--- a/templates/Debian/apticron_squeeze.erb
+++ b/templates/Debian/apticron_squeeze.erb
@ -3,7 +3,8 @@
 # set EMAIL to a space separated list of addresses which will be notified of
 # impending updates
 #
-EMAIL="<%= apticron_email %>"
+EMAIL="<%= scope.lookupvar('apt::apticron::email') %>"
+

 #
 # Set DIFF_ONLY to "1" to only output the difference of the current run
@ -11,51 +12,54 @@ EMAIL="<%= apticron_email %>"
 # are no differences, no output/email will be generated. By default, apticron
 # will output everything that needs to be upgraded.
 #
-DIFF_ONLY="<%= apticron_diff_only %>"
+DIFF_ONLY="<%= scope.lookupvar('apt::apticron::diff_only') %>"

 #
 # Set LISTCHANGES_PROFILE if you would like apticron to invoke apt-listchanges
 # with the --profile option. You should add a corresponding profile to
 # /etc/apt/listchanges.conf
 #
-LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>"
+LISTCHANGES_PROFILE="<%= scope.lookupvar('apt::apticron::listchanges_profile') %>"

 #
 # Set SYSTEM if you would like apticron to use something other than the output
 # of "hostname -f" for the system name in the mails it generates
 #
 # SYSTEM="foobar.example.com"
-<%- if has_variable?('apticron_system') and instance_variable_get("@#{'apticron_system'}").to_s != "false" -%>
-<%= 'SYSTEM="' + instance_variable_get("@#{'apticron_system'}").to_s + '"' %>
+<%- unless scope.lookupvar('apt::apticron::system').to_s == "false" -%>
+<%= "SYSTEM=\"#{scope.lookupvar('apt::apticron::system')}\"" %>
 <%- end -%>

+
 #
 # Set IPADDRESSNUM if you would like to configure the maximal number of IP
 # addresses apticron displays. The default is to display 1 address of each
 # family type (inet, inet6), if available.
 #
 # IPADDRESSNUM="1"
-<%- if has_variable?('apticron_ipaddressnum') and instance_variable_get("@#{'apticron_ipaddressnum'}").to_s != "false" -%>
-<%= 'IPADDRESSNUM="' + instance_variable_get("@#{'apticron_ipaddressnum'}").to_s + '"' %>
+<%- unless scope.lookupvar('apt::apticron::ipaddressnum').to_s == "false" -%>
+<%= "IPADDRESSNUM=\"#{scope.lookupvar('apt::apticron::ipaddressnum')}\"" %>
 <%- end -%>

+
 #
 # Set IPADDRESSES to a whitespace separated list of reachable addresses for
 # this system. By default, apticron will try to work these out using the
 # "ip" command
 #
 # IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1"
-<%- if has_variable?('apticron_ipaddresses') and instance_variable_get("@#{'apticron_ipaddresses'}").to_s != "false" -%>
-<%= 'IPADDRESSES="' + instance_variable_get("@#{'apticron_ipaddresses'}").to_s + '"' %>
+<%- unless scope.lookupvar('apt::apticron::ipaddresses').to_s == "false" -%>
+<%= "IPADDRESSES=\"#{scope.lookupvar('apt::apticron::ipaddresses')}\"" %>
 <%- end -%>

+
 #
 # Set NOTIFY_HOLDS="0" if you don't want to be notified about new versions of
 # packages on hold in your system. The default behavior is downloading and
 # listing them as any other package.
 #
 # NOTIFY_HOLDS="0"
-NOTIFY_HOLDS="<%= apticron_notifyholds %>"
+NOTIFY_HOLDS="<%= scope.lookupvar('apt::apticron::notifyholds') %>"

 #
 # Set NOTIFY_NEW="0" if you don't want to be notified about packages which
@ -67,12 +71,12 @@ NOTIFY_HOLDS="<%= apticron_notifyholds %>"
 # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531002#44
 #
 # NOTIFY_NEW="0"
-NOTIFY_NEW="<%= apticron_notifynew %>"
+NOTIFY_NEW="<%= scope.lookupvar('apt::apticron::notifynew') %>"

 #
 # Set CUSTOM_SUBJECT if you want to replace the default subject used in
 # the notification e-mails. This may help filtering/sorting client-side e-mail.
 #
 # CUSTOM_SUBJECT=""
-CUSTOM_SUBJECT="<%= apticron_customsubject %>"
+CUSTOM_SUBJECT="<%= scope.lookupvar('apt::apticron::customsubject') %>"

--- a/templates/Debian/apticron_wheezy.erb
+++ b/templates/Debian/apticron_wheezy.erb
@ -3,7 +3,7 @@
 # set EMAIL to a space separated list of addresses which will be notified of
 # impending updates
 #
-EMAIL="<%= apticron_email %>"
+EMAIL="<%= scope.lookupvar('apt::apticron::email') %>"

 #
 # Set DIFF_ONLY to "1" to only output the difference of the current run
@ -11,22 +11,22 @@ EMAIL="<%= apticron_email %>"
 # are no differences, no output/email will be generated. By default, apticron
 # will output everything that needs to be upgraded.
 #
-DIFF_ONLY="<%= apticron_diff_only %>"
+DIFF_ONLY="<%= scope.lookupvar('apt::apticron::diff_only') %>"

 #
 # Set LISTCHANGES_PROFILE if you would like apticron to invoke apt-listchanges
 # with the --profile option. You should add a corresponding profile to
 # /etc/apt/listchanges.conf
 #
-LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>"
+LISTCHANGES_PROFILE="<%= scope.lookupvar('apt::apticron::listchanges_profile') %>"

 #
 # Set SYSTEM if you would like apticron to use something other than the output
 # of "hostname -f" for the system name in the mails it generates
 #
 # SYSTEM="foobar.example.com"
-<%- if has_variable?('apticron_system') and instance_variable_get("@#{'apticron_system'}").to_s != "false" -%>
-<%= 'SYSTEM="' + instance_variable_get("@#{'apticron_system'}").to_s + '"' %>
+<%- unless scope.lookupvar('apt::apticron::system').to_s == "false" -%> 
+<%= "SYSTEM=\"#{scope.lookupvar('apt::apticron::system')}\"" %>
 <%- end -%>

 #
@ -35,8 +35,8 @@ LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>"
 # family type (inet, inet6), if available.
 #
 # IPADDRESSNUM="1"
-<%- if has_variable?('apticron_ipaddressnum') and instance_variable_get("@#{'apticron_ipaddressnum'}").to_s != "false" -%>
-<%= 'IPADDRESSNUM="' + instance_variable_get("@#{'apticron_ipaddressnum'}").to_s + '"' %>
+<%- unless scope.lookupvar('apt::apticron::ipaddressnum').to_s == "false" -%>
+<%= "IPADDRESSNUM=\"#{scope.lookupvar('apt::apticron::ipaddressnum')}\"" %>
 <%- end -%>

 #
@ -45,8 +45,8 @@ LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>"
 # "ip" command
 #
 # IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1"
-<%- if has_variable?('apticron_ipaddresses') and instance_variable_get("@#{'apticron_ipaddresses'}").to_s != "false" -%>
-<%= 'IPADDRESSES="' + instance_variable_get("@#{'apticron_ipaddresses'}").to_s + '"' %>
+<%- unless scope.lookupvar('apt::apticron::ipaddresses').to_s == "false" -%>
+<%= "IPADDRESSES=\"#{scope.lookupvar('apt::apticron::ipaddresses')}\"" %>
 <%- end -%>

 #
@ -55,7 +55,7 @@ LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>"
 # listing them as any other package.
 #
 # NOTIFY_HOLDS="0"
-NOTIFY_HOLDS="<%= apticron_notifyholds %>"
+NOTIFY_HOLDS="<%= scope.lookupvar('apt::apticron::notifyholds') %>"

 #
 # Set NOTIFY_NEW="0" if you don't want to be notified about packages which
@ -67,7 +67,7 @@ NOTIFY_HOLDS="<%= apticron_notifyholds %>"
 # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531002#44
 #
 # NOTIFY_NEW="0"
-NOTIFY_NEW="<%= apticron_notifynew %>"
+NOTIFY_NEW="<%= scope.lookupvar('apt::apticron::notifynew') %>"


 #
@ -77,4 +77,4 @@ NOTIFY_NEW="<%= apticron_notifynew %>"
 # ='[apticron] :  package update(s)'
 #
 # CUSTOM_SUBJECT=""
-CUSTOM_SUBJECT="<%= apticron_customsubject %>"
+CUSTOM_SUBJECT="<%= scope.lookupvar('apt::apticron::customsubject') %>"
--- a/templates/Debian/listchanges_lenny.erb
+++ b/templates/Debian/listchanges_lenny.erb
@ -1,7 +1,7 @@
 [apt]
-frontend=<%= apt_listchanges_frontend %>
-email_address=<%= apt_listchanges_email %>
-confirm=<%= apt_listchanges_confirm %>
-save_seen=<%= apt_listchanges_saveseen %>
-which=<%= apt_listchanges_which %>
+frontend=<%= scope.lookupvar('apt::listchanges::frontend') %>
+email_address=<%= scope.lookupvar('apt::listchanges::email') %>
+confirm=<%= scope.lookupvar('apt::listchanges::confirm') %>
+save_seen=<%= scope.lookupvar('apt::listchanges::saveseen') %>
+which=<%= scope.lookupvar('apt::listchanges::which') %>

--- a/templates/Debian/preferences_lenny.erb
+++ b/templates/Debian/preferences_lenny.erb
@ -1,6 +1,6 @@
-Explanation: Debian <%= codename %>
+Explanation: Debian <%= codename=scope.lookupvar('apt::codename') %>
 Package: *
-Pin: release o=Debian,a=<%= release %>,v=<%= release_version %>*
+Pin: release o=Debian,a=<%= scope.lookupvar('apt::release') %>,v=<%= scope.lookupvar('apt::release_version') %>*
 Pin-Priority: 990

 Explanation: Debian backports
@ -8,7 +8,7 @@ Package: *
 Pin: origin backports.debian.org
 Pin-Priority: 200

-Explanation: Debian <%= next_release %>
+Explanation: Debian <%= next_release=scope.lookupvar('apt::next_release') %>
 Package: *
 Pin: release o=Debian,a=<%= next_release %>
 Pin-Priority: 2
--- a/templates/Debian/preferences_squeeze.erb
+++ b/templates/Debian/preferences_squeeze.erb
@ -1,4 +1,4 @@
-Explanation: Debian <%= codename %>
+Explanation: Debian <%= codename=scope.lookupvar('apt::codename') %>
 Package: *
 Pin: release o=Debian,n=<%= codename %>
 Pin-Priority: 990
@ -8,7 +8,7 @@ Package: *
 Pin: release o=Debian,n=<%= codename %>-updates
 Pin-Priority: 990

-Explanation: Debian <%= next_codename %>
+Explanation: Debian <%= next_codename=scope.lookupvar('apt::next_codename') %>
 Package: *
 Pin: release o=Debian,n=<%= next_codename %>
 Pin-Priority: 2
--- a/templates/Debian/preferences_wheezy.erb
+++ b/templates/Debian/preferences_wheezy.erb
@ -1,4 +1,4 @@
-Explanation: Debian <%= codename %>
+Explanation: Debian <%= codename=scope.lookupvar('apt::codename') %>
 Package: *
 Pin: release o=Debian,n=<%= codename %>
 Pin-Priority: 990
--- a/templates/Debian/sources.list.erb
+++ b/templates/Debian/sources.list.erb
@ -1,21 +1,21 @@
 # This file is managed by puppet
 # all local modifications will be overwritten

-### Debian current: <%= codename %>
+### Debian current: <%= codename=scope.lookupvar('apt::codename') %>

 # basic
-deb <%= debian_url %> <%= codename %> <%= repos %>
-<% if include_src then -%>
-deb-src <%= debian_url %> <%= codename %> <%= repos %>
+deb <%= debian_url=scope.lookupvar('apt::debian_url') %> <%= codename %> <%= lrepos=scope.lookupvar('apt::real_repos') %>
+<% if scope.lookupvar('apt::include_src')  -%>
+deb-src <%= debian_url %> <%= codename %> <%= lrepos %>
 <% end -%>

 # security
-<% if (release == "unstable" || release == "experimental") -%>
+<% if ((release=scope.lookupvar('apt::release')) == "unstable" || release == "experimental") -%>
 # There is no security support for <%= release %>
 <% else -%>
-deb <%= security_url %> <%= codename %>/updates <%= repos %>
-<% if include_src then -%>
-deb-src <%= security_url %> <%= codename %>/updates <%= repos %>
+deb <%= security_url=scope.lookupvar('apt::security_url') %> <%= codename %>/updates <%= lrepos %>
+<% if include_src -%>
+deb-src <%= security_url %> <%= codename %>/updates <%= lrepos %>
 <% end -%>
 <% end -%>

@ -23,47 +23,47 @@ deb-src <%= security_url %> <%= codename %>/updates <%= repos %>
 <% if (release == "testing" || release == "unstable" || release == "experimental") -%>
 # There is no backports archive for <%= release %>
 <% else -%>
-deb <%= backports_url %> <%= codename %>-backports <%= repos %>
-<% if include_src then -%>
-deb-src <%= backports_url %> <%= codename %>-backports <%= repos %>
+deb <%= backports_url=scope.lookupvar('apt::backports_url') %> <%= codename %>-backports <%= lrepos %>
+<% if include_src -%>
+deb-src <%= backports_url %> <%= codename %>-backports <%= lrepos %>
 <% end -%>
 <% end -%>

-<% if use_volatile -%>
+<% if use_volatile=scope.lookupvar('apt::use_volatile') -%>
 # volatile
 <% if (release == "testing" || release == "unstable" || release == "experimental") -%>
 # There is no volatile archive for <%= release %>
 <% else -%>
 <% if (codename == "lenny" || codename == "etch") -%>
-deb <%= volatile_url %> <%= codename %>/volatile <%= repos %>
-<% if include_src then -%>
-deb-src <%= volatile_url %> <%= codename %>/volatile <%= repos %>
+deb <%= volatile_url=scope.lookupvar('apt::volatile_url') %> <%= codename %>/volatile <%= lrepos %>
+<% if include_src -%>
+deb-src <%= volatile_url %> <%= codename %>/volatile <%= lrepos %>
 <% end -%>
 <% else -%>
-deb <%= debian_url %> <%= codename %>-updates <%= repos %>
-<% if include_src then -%>
-deb-src <%= debian_url %> <%= codename %>-updates <%= repos %>
+deb <%= debian_url %> <%= codename %>-updates <%= lrepos %>
+<% if include_src -%>
+deb-src <%= debian_url %> <%= codename %>-updates <%= lrepos %>
 <% end -%>
 <% end -%>
 <% end -%>
 <% end -%>

-<% if use_next_release then -%>
-### Debian next: <%= next_codename %>
+<% if next_release=scope.lookupvar('apt::use_next_release') -%>
+### Debian next: <%= next_codename=scope.lookupvar('apt::next_codename') %>

 # basic
-deb <%= debian_url %> <%= next_codename %> <%= repos %>
+deb <%= debian_url %> <%= next_codename %> <%= lrepos %>
 <% if include_src then -%>
-deb-src <%= debian_url %> <%= next_codename %> <%= repos %>
+deb-src <%= debian_url %> <%= next_codename %> <%= lrepos %>
 <% end -%>

 # security
 <% if (next_release == "unstable" || next_release == "experimental") -%>
 # There is no security support for <%= next_release %>
 <% else -%>
-deb <%= security_url %> <%= next_codename %>/updates <%= repos %>
+deb <%= security_url %> <%= next_codename %>/updates <%= lrepos %>
 <% if include_src then -%>
-deb-src <%= security_url %> <%= next_codename %>/updates <%= repos %>
+deb-src <%= security_url %> <%= next_codename %>/updates <%= lrepos %>
 <% end -%>
 <% end -%>

@ -73,14 +73,14 @@ deb-src <%= security_url %> <%= next_codename %>/updates <%= repos %>
 # There is no volatile archive for <%= next_release %>
 <% else -%>
 <% if (next_codename == "lenny" || next_codename == "etch") -%>
-deb <%= volatile_url %> <%= next_codename %>/volatile <%= repos %>
+deb <%= volatile_url %> <%= next_codename %>/volatile <%= lrepos %>
 <% if include_src then -%>
-deb-src <%= volatile_url %> <%= next_codename %>/volatile <%= repos %>
+deb-src <%= volatile_url %> <%= next_codename %>/volatile <%= lrepos %>
 <% end -%>
 <% else -%>
-deb <%= debian_url %> <%= next_codename %>-updates <%= repos %>
+deb <%= debian_url %> <%= next_codename %>-updates <%= lrepos %>
 <% if include_src then -%>
-deb-src <%= debian_url %> <%= next_codename %>-updates <%= repos %>
+deb-src <%= debian_url %> <%= next_codename %>-updates <%= lrepos %>
 <% end -%>
 <% end -%>
 <% end -%>
--- a/templates/Ubuntu/preferences_maverick.erb
+++ b/templates/Ubuntu/preferences_maverick.erb
@ -1,4 +1,4 @@
-Explanation: Ubuntu <%= codename %> security 
+Explanation: Ubuntu <%= codename=scope.lookupvar('apt::codename') %> security
 Package: *
 Pin: release o=Ubuntu,a=<%= codename %>-security
 Pin-Priority: 990
@ -18,7 +18,7 @@ Package: *
 Pin: release a=<%= codename %>-backports
 Pin-Priority: 200

-Explanation: Ubuntu <%= next_release %>
+Explanation: Ubuntu <%= next_release=scope.lookupvar('apt::next_release') %>
 Package: *
 Pin: release o=Ubuntu,a=<%= next_release %>
 Pin-Priority: 2
--- a/templates/Ubuntu/sources.list.erb
+++ b/templates/Ubuntu/sources.list.erb
@ -1,26 +1,26 @@
 # This file is managed by puppet
 # all local modifications will be overwritten

-# basic <%= lsbdistcodename %>
-deb <%= ubuntu_url %> <%= lsbdistcodename %> <%= repos %>
-<% if include_src then -%>
-deb-src <%= ubuntu_url %> <%= lsbdistcodename %> <%= repos %>
+# basic <%= codename=scope.lookupvar('apt::codename') %>
+deb <%= ubuntu_url=scope.lookupvar('apt::ubuntu_url') %> <%= codename %> <%= lrepos=scope.lookupvar('apt::real_repos') %>
+<% if include_src=scope.lookupvar('apt::include_src') -%>
+deb-src <%= ubuntu_url %> <%= codename %> <%= lrepos %>
 <% end -%>

 # updates
-deb <%= ubuntu_url %> <%= lsbdistcodename %>-updates <%= repos %>
-<% if include_src then -%>
-deb-src <%= ubuntu_url %> <%= lsbdistcodename %>-updates <%= repos %>
+deb <%= ubuntu_url %> <%= codename %>-updates <%= lrepos %>
+<% if include_src -%>
+deb-src <%= ubuntu_url %> <%= codename %>-updates <%= lrepos %>
 <% end -%>

 # security suppport
-deb <%= ubuntu_url %> <%= lsbdistcodename %>-security <%= repos %>
-<% if include_src then -%>
-deb-src <%= ubuntu_url %> <%= lsbdistcodename %>-security <%= repos %>
+deb <%= ubuntu_url %> <%= codename %>-security <%= lrepos %>
+<% if include_src -%>
+deb-src <%= ubuntu_url %> <%= codename %>-security <%= lrepos %>
 <% end -%>

 # backports
-deb <%= ubuntu_url %> <%= lsbdistcodename %>-backports main <%= repos %>
-<% if include_src then -%>
-deb-src <%= ubuntu_url %> <%= lsbdistcodename %>-backports <%= repos %>
+deb <%= ubuntu_url %> <%= codename %>-backports main <%= lrepos %>
+<% if include_src -%>
+deb-src <%= ubuntu_url %> <%= codename %>-backports <%= lrepos %>
 <% end -%>