module-apt/templates/50unattended-upgrades.erb
Jerome Charaoui f8980538c1 Improve unattended-upgrades origin selectors
* On squeeze, use release fact instead of hardcoded release name
  * On wheezy, special-case because codename selector is not available
  * On jessie and up, start pulling in point-release updates. The
    codename selector ensures that we won't be upgrading to a new
    release automatically.
2015-10-09 16:39:19 -04:00

38 sor
1,4 KiB
Text

// this file is managed by puppet !
<% if scope.lookupvar('::operatingsystem') == 'Ubuntu' -%>
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}-security";
"${distro_id}:${distro_codename}-updates";
"${distro_id}:${distro_codename}-backports";
<% elsif scope.lookupvar('::operatingsystem') == 'Debian' and scope.lookupvar('::debian_codename') == 'squeeze' -%>
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:<%= scope.lookupvar('::debian_release') %>";
"${distro_id}:squeeze-lts";
<% elsif scope.lookupvar('::operatingsystem') == 'Debian' and scope.lookupvar('::debian_codename') == 'wheezy' -%>
Unattended-Upgrade::Origins-Pattern {
"origin=Debian,archive=<%= scope.lookupvar('::debian_release') %>,label=Debian-Security";
"origin=Debian,archive=${distro_codename}-lts";
<% else -%>
Unattended-Upgrade::Origins-Pattern {
"origin=Debian,codename=${distro_codename},label=Debian";
"origin=Debian,codename=${distro_codename},label=Debian-Security";
<% end -%>
};
<% if not @blacklisted_packages.empty? -%>
Unattended-Upgrade::Package-Blacklist {
<% @blacklisted_packages.each do |pkg| -%>
"<%= pkg %>";
<% end -%>
};
<% end -%>
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::Unattended-Upgrade "1";
Unattended-Upgrade::Mail "<%= @mail_recipient -%>";
<% if @mailonlyonerror -%>
Unattended-Upgrade::MailOnlyOnError "true";
<% end -%>