Added apt::unattended_upgrades class, and extra template for "deb-src"

README

@@ -72,11 +72,30 @@ apt keyring, you can set this variable to a path in your fileserver
 where individual key files can be placed. If this is set and keys
 exist there, this module will apt-key add each key
 
+$backports_enabled
+------------------
+If set to true, the debian backports repository is enabled through a 
+file in /etc/apt/sources.d/. Defaults to false.
+
+$apt_deb_src_enabled
+--------------------
+If set to true, the debian sources repository is enabled through a 
+file in /etc/apt/sources.d/. Defaults to false.
+
+
 Classes
 =======
+apt
+---
+Sets up the basic apt package management.
 
-This module contains only the apt class, which sets up all described
+apt::unattended_upgrades
-functionality.
+------------------------
+Sets up the unattended-upgrades package, and configures it mostly through 
+the file /etc/apt/apt.conf.d/50unattended-upgrades.
+Unfortunately there seems to be a bug in unattended-upgrades <= 0.25.1 that 
+wildcards aren't recognized, so use it with care !
+http://packages.debian.org/de/lenny/unattended-upgrades
 
 
 Resources

files/50unattended-upgrades

@@ -0,0 +1,43 @@
+// this file is managed by puppet !
+//
+//See https://wiki.ubuntu.com/AutomaticUpdates for more details about this feature.
+
+// allowed (origin, archive) pairs
+Unattended-Upgrade::Allowed-Origins {
+	"Debian stable";
+	"Debian-Security stable";
+//	"Debian testing";
+};
+
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Unattended-Upgrade "1";
+Unattended-Upgrade::Mail "root";
+
+APT::UnattendedUpgrades::LogDir "/var/log/";
+APT::UnattendedUpgrades::LogFile "unattended_upgrades.log";
+
+Unattended-Upgrade::Package-Blacklist {
+	// we don't want the kernel to be updated so nagios still can give a warnig if there is 
+	// a manual update (and reboot) left
+	
+        "linux-image-*";
+	
+	// unfortunately there seems to be a bug in unattended-upgrades <= 0.25.1 that wildcards aren't recognized:
+	//2009-12-11 13:41:43,267 INFO Initial blacklisted packages: linux-image-*
+	//2009-12-11 13:41:43,267 INFO Starting unattended upgrades script
+	//2009-12-11 13:41:43,267 INFO Allowed origins are: ["['Debian', 'stable']", "['Debian-Security', 'stable']"]
+	//2009-12-11 13:41:45,233 INFO Packages that are upgraded: linux-image-2.6.26-2-amd64
+	//2009-12-11 13:41:45,233 INFO Writing dpkg log to '/var/log/unattended-upgrades-dpkg_2009-12-11_13:41:45.233713.log'
+	//2009-12-11 13:42:11,988 INFO All upgrades installed
+        
+	"linux-image-2.6.18-5-vserver-686";
+	"linux-image-2.6.18-5-xen-vserver-686";
+        "linux-image-2.6.18-6-vserver-686";
+	"linux-image-2.6.18-6-xen-vserver-686";
+        "linux-image-2.6.24.3";
+        "linux-image-2.6.26-1-686";
+        "linux-image-2.6.26-2-xen-amd64";
+        "linux-image-2.6.26-2-xen-686";
+	"linux-image-2.6.26-2-amd64";
+};
+

manifests/init.pp

@@ -3,6 +3,7 @@
 # Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
 # See LICENSE for the full license granted to you.
 
+
 class apt {
 
 	# See README
@@ -16,6 +17,11 @@ class apt {
 		default => $backports_enabled,
 	}
 	
+	$apt_deb_src_enabled = $apt_deb_src_enabled ? {
+		'true' => 'true',
+		default => $apt_deb_src_enabled,
+	}
+
 	package { apt: ensure => installed }
 
 	# a few templates need lsbdistcodename
@@ -150,7 +156,17 @@ class apt {
 	  default: { }
 	}
 
-    
+	case $apt_deb_src_enabled {
+	  'true': {   
+	      config_file {
+		      # deb-src
+		      "/etc/apt/sources.list.d/debian-sources.list":
+			      content => template("apt/sources.list.deb-src.erb"),
+			      require => Exec[assert_lsbdistcodename];
+	      }
+	  }		
+   	  default: {}
+ 	}
 
         case $custom_key_dir {
           '': {
@@ -226,3 +242,18 @@ class dselect {
 
 	package { dselect: ensure => installed }
 }
+
+
+class apt::unattended_upgrades {
+    case $operatingsystem {
+        debian,ubuntu: { 
+                package {       unattended-upgrades : ensure => latest; }
+                file { "/etc/apt/apt.conf.d/50unattended-upgrades": 
+                        source  => "puppet://$server/modules/apt/50unattended-upgrades" }
+        }
+
+        default: { notice "unknown operatingsystem: $operatingsystem for class apt::unattended_upgrades" }
+    }
+
+}
+

templates/sources.list.deb-src.erb

@@ -0,0 +1,11 @@
+# This file is brought to you by puppet
+
+# basic <%= lsbdistcodename %>
+deb-src http://ftp.debian.org/debian/ <%= lsbdistcodename %> main contrib non-free
+# security suppport
+<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%>
+# There is no security mirror for <%= lsbdistcodename %>
+<% else -%>
+deb-src http://security.debian.org/ <%= lsbdistcodename %>/updates main contrib non-free
+<% end -%>
+