opuppet/module-apt
4
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge remote branch 'nadir/master' into wip

Browse source 
Conflicts:
	manifests/default_preferences.pp
	manifests/default_sources_list.pp
	manifests/init.pp
	templates/Debian/sources.list.deb-src.erb
	templates/Debian/sources.list.erb
	templates/Debian/sources.list.volatile.erb
	templates/Ubuntu/sources.list.erb
This commit is contained in:
intrigeri 2010-10-17 01:57:55 +02:00
commit bcfb35c969
7 changed files with 93 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

57
files/50unattended-upgrades Normal file
View file

@ -0,0 +1,57 @@
// this file is managed by puppet !
//
//See https://wiki.ubuntu.com/AutomaticUpdates for more details about this feature.
// allowed (origin, archive) pairs
Unattended-Upgrade::Allowed-Origins {
"Debian stable";
"Debian-Security stable";
// "Debian testing";
};
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";
Unattended-Upgrade::Mail "root";
APT::UnattendedUpgrades::LogDir "/var/log/";
APT::UnattendedUpgrades::LogFile "unattended_upgrades.log";
Unattended-Upgrade::Package-Blacklist {
// we don't want the kernel to be updated so nagios still can give a warning if there is
// a manual update (and reboot) left
"linux-image-*";
// unfortunately there seems to be a bug in unattended-upgrades <= 0.25.1 that wildcards aren't recognized:
//2009-12-11 13:41:43,267 INFO Initial blacklisted packages: linux-image-*
//2009-12-11 13:41:43,267 INFO Starting unattended upgrades script
//2009-12-11 13:41:43,267 INFO Allowed origins are: ["['Debian', 'stable']", "['Debian-Security', 'stable']"]
//2009-12-11 13:41:45,233 INFO Packages that are upgraded: linux-image-2.6.26-2-amd64
//2009-12-11 13:41:45,233 INFO Writing dpkg log to '/var/log/unattended-upgrades-dpkg_2009-12-11_13:41:45.233713.log'
//2009-12-11 13:42:11,988 INFO All upgrades installed
// lenny
"linux-image-2.6.26-1-686";
"linux-image-2.6.26-1-amd64";
"linux-image-2.6.26-1-xen-686";
"linux-image-2.6.26-1-xen-amd64";
"linux-image-2.6.26-1-vserver-686";
"linux-image-2.6.26-1-vserver-amd64";
"linux-image-2.6.26-2-686";
"linux-image-2.6.26-2-amd64";
"linux-image-2.6.26-2-xen-686";
"linux-image-2.6.26-2-xen-amd64";
"linux-image-2.6.26-2-vserver-686";
"linux-image-2.6.26-2-vserver-amd64";
// squeeze
"linux-image-2.6.32-5-686";
"linux-image-2.6.32-5-amd64";
"linux-image-2.6.32-5-xen-686";
"linux-image-2.6.32-5-xen-amd64";
"linux-image-2.6.32-5-vserver-686";
"linux-image-2.6.32-5-vserver-amd64";
};

10
manifests/custom_sources.pp Normal file
View file

@ -0,0 +1,10 @@
define apt::custom_sources_template ($sources_file = "") {
file { "/etc/apt/sources.list.d/$sources_file":
content => template($name),
}
exec { "/usr/bin/apt-get update":
subscribe => File["/etc/apt/sources.list.d/$sources_file"],
refreshonly => true,
}
}

2
manifests/default_preferences.pp
View file

@ -10,7 +10,7 @@ class apt::default_preferences {
# only update together
require => File["/etc/apt/sources.list"];
# little default settings which keep the system sane
"/etc/apt/apt.conf.d/from_puppet":
"/etc/apt/apt.conf.d/99from_puppet":
content => "APT::Get::Show-Upgraded true;\nDSelect::Clean $real_apt_clean;\n",
before => Config_file[apt_config];
}

1
manifests/default_sources_list.pp
View file

@ -4,6 +4,7 @@ class apt::default_sources_list {
# additional sources could be included via an array
"/etc/apt/sources.list":
content => template("apt/${operatingsystem}/sources.list.erb"),
require => Package['lsb'];
}
}

35
manifests/init.pp
View file

@ -5,6 +5,8 @@
class apt {
import "custom_sources.pp"
# See README
$real_apt_clean = $apt_clean ? {
'' => 'auto',
@ -124,28 +126,21 @@ class apt {
package { "debian-archive-keyring": ensure => latest }
# backports uses the normal archive key now
package { "debian-backports-keyring": ensure => absent }
case $custom_key_dir {
'': {
exec { "/bin/true # no_custom_keydir": }
if $custom_key_dir {
file { "${apt_base_dir}/keys.d":
source => "$custom_key_dir",
recurse => true,
mode => 0755, owner => root, group => root,
}
default: {
file { "${apt_base_dir}/keys.d":
source => "$custom_key_dir",
recurse => true,
mode => 0755, owner => root, group => root,
}
exec { "find ${apt_base_dir}/keys.d -type f -exec apt-key add '{}' \\; && apt-get update":
alias => "custom_keys",
subscribe => File["${apt_base_dir}/keys.d"],
refreshonly => true,
before => Config_file["apt_config"];
}
exec { "find ${apt_base_dir}/keys.d -type f -exec apt-key add '{}' \\; && apt-get update":
alias => "custom_keys",
subscribe => File["${apt_base_dir}/keys.d"],
refreshonly => true,
before => Config_file[apt_config];
}
}
# workaround for preseeded_package component
file { "/var/cache": ensure => directory }
file { "/var/cache/local": ensure => directory }
file { "/var/cache/local/preseeding": ensure => directory }
}
file { [ "/var/cache", "/var/cache/local", "/var/cache/local/preseeding" ]: ensure => directory }
}

12
manifests/unattended_upgrades.pp
View file

@ -5,11 +5,11 @@ class apt::unattended_upgrades {
}
config_file {
"/etc/apt/apt.conf.d/unattended_upgrades":
content => 'APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";
',
before => Config_file[apt_config],
require => Package['unattended-upgrades'],
"/etc/apt/apt.conf.d/50unattended-upgrades":
source => ["puppet:///modules/site-apt/50unattended-upgrades",
"puppet:///modules/apt/50unattended-upgrades" ],
before => Config_file[apt_config],
require => Package['unattended-upgrades'],
}
}

3
templates/Ubuntu/sources.list.erb
View file

@ -20,3 +20,6 @@ deb-src http://de.archive.ubuntu.com/ubuntu <%= lsbdistcodename %>-security main
# backports
deb http://archive.ubuntu.com/ubuntu <%= lsbdistcodename %>-backports main universe multiverse restricted
<% if include_src then -%>
deb-src http://archive.ubuntu.com/ubuntu <%= lsbdistcodename %>-backports main universe multiverse restricted
<% end -%>