aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2016-03-31 14:50:07 -0300
committerSilvio Rhatto <rhatto@riseup.net>2016-03-31 14:50:07 -0300
commitb65996f7ae03d2bae118855a3c4d94a3947e556d (patch)
tree5bab8e5c3663aaabca34ebcee3c706c4fbc35cb5
parentb0425c65ecc61c6af3f31fba577b1e1c5d880674 (diff)
parent8c8bd7bb1e5cc0f5297db9629ece783452233d1f (diff)
downloadpuppet-apt-develop.tar.gz
puppet-apt-develop.tar.bz2
Merge remote-tracking branch 'shared/master' into developHEADmasterdevelop
Conflicts: README files/Debian/50unattended-upgrades.lenny files/Debian/50unattended-upgrades.wheezy manifests/init.pp manifests/params.pp manifests/unattended_upgrades.pp templates/Debian/preferences_jessie.erb templates/Debian/sources.list.erb
-rw-r--r--.gitignore12
-rw-r--r--.gitlab-ci.yml12
-rw-r--r--Gemfile13
-rw-r--r--README181
-rw-r--r--Rakefile19
-rw-r--r--files/Debian/50unattended-upgrades.lenny13
-rw-r--r--files/Debian/50unattended-upgrades.wheezy14
-rw-r--r--lib/facter/debian_codename.rb42
-rw-r--r--lib/facter/debian_lts.rb16
-rw-r--r--lib/facter/debian_nextcodename.rb23
-rw-r--r--lib/facter/debian_nextrelease.rb23
-rw-r--r--lib/facter/debian_release.rb38
-rw-r--r--lib/facter/ubuntu_codename.rb8
-rw-r--r--lib/facter/ubuntu_nextcodename.rb20
-rw-r--r--lib/facter/util/debian.rb18
-rw-r--r--lib/facter/util/ubuntu.rb21
-rw-r--r--lib/puppet/parser/functions/debian_nextcodename.rb13
-rw-r--r--lib/puppet/parser/functions/debian_nextrelease.rb11
-rw-r--r--lib/puppet/parser/functions/debian_release.rb12
-rw-r--r--lib/puppet/parser/functions/debian_release_version.rb11
-rw-r--r--manifests/apt_conf.pp2
-rw-r--r--manifests/apticron.pp2
-rw-r--r--manifests/dist_upgrade.pp11
-rw-r--r--manifests/dot_d_directories.pp11
-rw-r--r--manifests/dselect.pp9
-rw-r--r--manifests/init.pp65
-rw-r--r--manifests/key.pp13
-rw-r--r--manifests/key/plain.pp13
-rw-r--r--manifests/listchanges.pp2
-rw-r--r--manifests/params.pp18
-rw-r--r--manifests/preferences.pp4
-rw-r--r--manifests/preferences_snippet.pp8
-rw-r--r--manifests/preseeded_package.pp2
-rw-r--r--manifests/sources_list.pp10
-rw-r--r--manifests/unattended_upgrades.pp45
-rw-r--r--manifests/update.pp12
-rw-r--r--manifests/upgrade_package.pp15
-rw-r--r--spec/spec_helper.rb12
-rw-r--r--spec/unit/custom_facts_spec.rb86
-rw-r--r--templates/20proxy.erb2
-rw-r--r--templates/50unattended-upgrades.erb38
l---------templates/Debian/apticron_jessie.erb1
-rw-r--r--templates/Debian/apticron_lenny.erb18
-rw-r--r--templates/Debian/apticron_squeeze.erb18
-rw-r--r--templates/Debian/apticron_wheezy.erb18
l---------templates/Debian/listchanges_jessie.erb1
-rw-r--r--templates/Debian/preferences_jessie.erb8
-rw-r--r--templates/Debian/preferences_lenny.erb6
-rw-r--r--templates/Debian/preferences_squeeze.erb9
-rw-r--r--templates/Debian/preferences_wheezy.erb2
-rw-r--r--templates/Debian/sources.list.erb84
-rw-r--r--templates/Ubuntu/preferences_maverick.erb4
l---------templates/Ubuntu/preferences_utopic.erb1
l---------templates/Ubuntu/preferences_vivid.erb1
l---------templates/Ubuntu/preferences_wily.erb1
l---------templates/Ubuntu/preferences_xenial.erb1
-rw-r--r--templates/Ubuntu/sources.list.erb14
-rw-r--r--templates/preferences_snippet.erb6
-rw-r--r--templates/preferences_snippet_release.erb6
59 files changed, 751 insertions, 348 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a54aa97
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,12 @@
+/pkg/
+/Gemfile.lock
+/vendor/
+/spec/fixtures/manifests/*
+/spec/fixtures/modules/*
+!/spec/fixtures/modules/apt
+!/spec/fixtures/modules/apt/*
+/.vagrant/
+/.bundle/
+/coverage/
+/.idea/
+*.iml
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..f7b8eca
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,12 @@
+before_script:
+ - ruby -v
+ - gem install bundler --no-ri --no-rdoc
+ - bundle install --jobs $(nproc) "${FLAGS[@]}"
+
+# don't fail on lint warnings
+rspec:
+ script:
+ - bundle exec rake lint || /bin/true
+ - bundle exec rake syntax
+ - bundle exec rake validate
+ - bundle exec rake spec
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..8925a90
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,13 @@
+source "https://rubygems.org"
+
+group :test do
+ gem "rake"
+ gem "rspec", '< 3.2.0'
+ gem "puppet", ENV['PUPPET_VERSION'] || ENV['GEM_PUPPET_VERSION'] || ENV['PUPPET_GEM_VERSION'] || '~> 3.7.0'
+ gem "facter", ENV['FACTER_VERSION'] || ENV['GEM_FACTER_VERSION'] || ENV['FACTER_GEM_VERSION'] || '~> 2.2.0'
+ gem "rspec-puppet"
+ gem "puppetlabs_spec_helper"
+ gem "metadata-json-lint"
+ gem "rspec-puppet-facts"
+ gem "mocha"
+end
diff --git a/README b/README
index 35a88b2..e097a7e 100644
--- a/README
+++ b/README
@@ -17,6 +17,24 @@ Ubuntu support is lagging behind but not absent either.
! Upgrade Notice !
+ * The `disable_update` parameter has been removed. The main apt class
+ defaults to *not* run an `apt-get update` on every run anyway so this
+ parameter seems useless.
+ You can include the `apt::update` class if you want it to be run every time.
+
+ * The `apt::upgrade_package` now doesn't automatically call an Exec['apt_updated']
+ anymore, so you would need to include `apt::update` now by hand.
+
+ * The apt::codename parameter has been removed. In its place, the
+ debian_codename fact may be overridden via an environment variable. This
+ will affect all other debian_* facts, and achieve the same result.
+
+ FACTER_debian_codename=jessie puppet agent -t
+
+ * If you were using custom 50unattended-upgrades.${::lsbdistcodename} in your
+ site_apt, these are no longer supported. You should migrate to passing
+ $blacklisted_packages to the apt::unattended_upgrades class.
+
* the apt class has been moved to a paramterized class. if you were including
this class before, after passing some variables, you will need to move to
instantiating the class with those variables instead. For example, if you
@@ -89,8 +107,9 @@ Requirements
This module needs:
-- the lsb module: git://labs.riseup.net/shared-lsb
-- the common module: git://labs.riseup.net/shared-common
+- the lsb-release package should be installed on the server prior to running
+ puppet. otherwise, all of the $::lsb* facts will be empty during runs.
+- the common module: https://gitlab.com/shared-puppet-modules-group/common
By default, on normal hosts, this module sets the configuration option
DSelect::Clean to 'auto'. On virtual servers, the value is set by default to
@@ -113,22 +132,6 @@ the site_apt modules' files directory that is named the same as the
host. (example: site_apt/files/some.host.com/03clean, or
site_apt/files/some.host.com/03clean_vserver)
-Variables
-=========
-
-$custom_sources_list
---------------------
-
-By default this module will use a basic apt/sources.list template with
-a generic Debian mirror. If you need to set more specific sources,
-e.g. changing the sections included in the source, etc. you can set
-this variable to the content that you desire to use instead.
-
-For example, setting the following variable before including this class will
-pull in the templates/site_apt/sources.list file:
-
- $custom_sources_list = template('site_apt/sources.list')
-
Classes
=======
@@ -144,11 +147,18 @@ Example usage:
Class parameters:
+* use_lts
+
+ If this variable is set to true the CODENAME-lts sources (such as
+ squeeze-lts) are added.
+
+ By default this is false for backward compatibility with older
+ versions of this module.
+
* use_volatile
- If this variable is set to true the Debian Volatile sources (until
- Lenny) or CODENAME-updates (such as squeeze-updates, supported since
- Squeeze) are added.
+ If this variable is set to true the CODENAME-updates sources (such as
+ squeeze-updates) are added.
By default this is false for backward compatibility with older
versions of this module.
@@ -186,19 +196,10 @@ Class parameters:
If this variable is set the default repositories list ("main contrib non-free")
is overriden.
-* disable_update
-
- Disable "apt-get update" which is normally triggered by apt::upgrade_package
- and apt::dist_upgrade.
-
- Note that nodes can be updated once a day by using
- APT::Periodic::Update-Package-Lists "1";
- in i.e. /etc/apt/apt.conf.d/80_apt_update_daily.
-
* custom_preferences
- Since Debian Lenny's version of APT doesn't support the use of the
- preferences.d directory for putting fragments of 'preferences', this
+ For historical reasons (Debian Lenny's version of APT did not support the use
+ of the preferences.d directory for putting fragments of 'preferences'), this
module will manage a default generic apt/preferences file with more
recent releases pinned to very low values so that any package
installation will not accidentally pull in packages from those suites
@@ -214,14 +215,17 @@ Class parameters:
class { 'apt': custom_preferences => false }
-* codename
+* custom_sources_list
+
+ By default this module will use a basic apt/sources.list template with
+ a generic Debian mirror. If you need to set more specific sources,
+ e.g. changing the sections included in the source, etc. you can set
+ this variable to the content that you desire to use instead.
- Contains the codename ("squeeze", "wheezy", ...) of the client's release. While
- these values come from lsb-release by default, this parameter can be set
- manually, e.g. to enable forced upgrades. For example:
+ For example, setting this variable will pull in the
+ templates/site_apt/sources.list file:
- include apt::dist_upgrade
- class { 'apt': codename => 'wheezy', notify => Exec['apt_dist-upgrade'] }
+ class { 'apt': custom_sources_list => template('site_apt/sources.list') }
* custom_key_dir
@@ -291,9 +295,6 @@ classes may inherit from this one and add to its subscription list
using the plusignment ('+>') operator. A real-world example can be
seen in the apt::dist_upgrade::initiator source.
-When this class is included the APT indexes are updated on every
-Puppet run due to the author's lack of Puppet wizardry.
-
apt::dist_upgrade::initiator
----------------------------
@@ -367,6 +368,28 @@ apt::unattended_upgrades
If this class is included, it will install the package 'unattended-upgrades'
and configure it to daily upgrade the system.
+The class has the following parameters that you can use to change the contents
+of the configuration file. The values shown here are the default values:
+
+ * $config_content = undef
+ * $config_template = 'apt/50unattended-upgrades.erb'
+ * $mailonlyonerror = true
+ * $mail_recipient = 'root'
+ * $blacklisted_packages = []
+
+Note that using $config_content actually specifies all of the configuration
+contents and thus makes the other parameters useless.
+
+example:
+
+ class { 'apt::unattended_upgrades':
+ config_template => 'site_apt/50unattended-upgrades.jessie',
+ blacklisted_packages => [
+ 'libc6', 'libc6-dev', 'libc6-i686', 'mysql-server', 'redmine', 'nodejs',
+ 'bird'
+ ],
+ }
+
Defines
=======
@@ -445,15 +468,57 @@ apt::sources_list
Creates a file in the apt/sources.list.d directory to easily add additional apt
sources. One can use either the 'source' meta-parameter to specify a list of
static files to include from the puppet fileserver or the 'content'
-meta-parameter to define content inline or with the help of a template.
+meta-parameter to define content inline or with the help of a template. Ending
+the resource name in '.list' is optional: it will be automatically added to the
+file name if not present in the resource name.
Example:
- apt::sources_list { 'company_internals.list':
+ apt::sources_list { 'company_internals':
source => [ "puppet:///modules/site_apt/${::fqdn}/company_internals.list",
'puppet:///modules/site_apt/company_internals.list' ],
}
+apt::key
+--------
+
+Deploys a secure apt OpenPGP key. This usually accompanies the
+sources.list snippets above for third party repositories. For example,
+you would do:
+
+ apt::key { 'neurodebian.gpg':
+ ensure => present,
+ source => 'puppet:///modules/site_apt/neurodebian.gpg',
+ }
+
+This deploys the key in the `/etc/apt/trusted.gpg.d` directory, which
+is assumed by secure apt to be binary OpenPGP keys and *not*
+"ascii-armored" or "plain text" OpenPGP key material. For the latter,
+use `apt::key::plain`.
+
+The `.gpg` extension is compulsory for `apt` to pickup the key properly.
+
+apt::key::plain
+---------------
+
+Deploys a secure apt OpenPGP key. This usually accompanies the
+sources.list snippets above for third party repositories. For example,
+you would do:
+
+ apt::key::plain { 'neurodebian.asc':
+ source => 'puppet:///modules/site_apt/neurodebian.asc',
+ }
+
+This deploys the key in the `${apt_base_dir}/keys` directory (as
+opposed to `$custom_key_dir` which deploys it in `keys.d`). The reason
+this exists on top of `$custom_key_dir` is to allow a more
+decentralised distribution of those keys, without having all modules
+throw their keys in the same directory in the manifests.
+
+Note that this model does *not* currently allow keys to be removed!
+Use `apt::key` instead for a more practical, revokable approach, but
+that needs binary keys.
+
apt::upgrade_package
--------------------
@@ -486,19 +551,35 @@ Exec['apt_updated']
-------------------
After this point the APT indexes are up-to-date.
+This resource is set to `refreshonly => true` so it is not run on
+every puppetrun. To run this every time, you can include the `apt::update`
+class.
This resource is usually used like this to ensure current packages are
installed by Package resources:
- include apt::update
- Package { require => Exec['apt_updated'] }
+ include apt::update
+ Package { require => Exec['apt_updated'] }
+
+Note that nodes can be updated once a day by using
+
+ APT::Periodic::Update-Package-Lists "1";
+
+in i.e. /etc/apt/apt.conf.d/80_apt_update_daily.
+
+
+Tests
+=====
+
+To run pupept rspec tests:
+
+ bundle install --path vendor/bundle
+ bundle exec rake spec
-Please note that the apt::upgrade_package define automatically uses
-this resource so you don't have to manage this yourself if you need to
-make sure APT indexes are up-to-date before a package upgrade is
-attempted, but don't want "apt-get update" to happen on every Puppet
-run.
+Using different facter/puppet versions:
+ FACTER_GEM_VERSION=1.6.10 PUPPET_GEM_VERSION=2.7.23 bundle install --path vendor/bundle
+ bundle exec rake spec
Licensing
=========
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..85326bb
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,19 @@
+require 'puppetlabs_spec_helper/rake_tasks'
+require 'puppet-lint/tasks/puppet-lint'
+PuppetLint.configuration.send('disable_80chars')
+PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"]
+
+desc "Validate manifests, templates, and ruby files"
+task :validate do
+ Dir['manifests/**/*.pp'].each do |manifest|
+ sh "puppet parser validate --noop #{manifest}"
+ end
+ Dir['spec/**/*.rb','lib/**/*.rb'].each do |ruby_file|
+ sh "ruby -c #{ruby_file}" unless ruby_file =~ /spec\/fixtures/
+ end
+ Dir['templates/**/*.erb'].each do |template|
+ sh "erb -P -x -T '-' #{template} | ruby -c"
+ end
+end
+
+task :test => [:lint, :syntax , :validate, :spec]
diff --git a/files/Debian/50unattended-upgrades.lenny b/files/Debian/50unattended-upgrades.lenny
deleted file mode 100644
index d55bb29..0000000
--- a/files/Debian/50unattended-upgrades.lenny
+++ /dev/null
@@ -1,13 +0,0 @@
-// this file is managed by puppet !
-
-Unattended-Upgrade::Allowed-Origins {
- "Debian oldstable";
- "Debian-Security oldstable";
-};
-
-APT::Periodic::Update-Package-Lists "1";
-APT::Periodic::Download-Upgradeable-Packages "1";
-APT::Periodic::Unattended-Upgrade "1";
-
-Unattended-Upgrade::Mail "root";
-
diff --git a/files/Debian/50unattended-upgrades.wheezy b/files/Debian/50unattended-upgrades.wheezy
deleted file mode 100644
index 0901ad3..0000000
--- a/files/Debian/50unattended-upgrades.wheezy
+++ /dev/null
@@ -1,14 +0,0 @@
-// this file is managed by puppet !
-
-Unattended-Upgrade::Allowed-Origins {
- "${distro_id}:stable";
- "${distro_id}:${distro_codename}-security";
- "${distro_id}:${distro_codename}-updates";
- "${distro_id} Backports:${distro_codename}-backports";
-};
-
-APT::Periodic::Update-Package-Lists "1";
-APT::Periodic::Download-Upgradeable-Packages "1";
-APT::Periodic::Unattended-Upgrade "1";
-
-Unattended-Upgrade::Mail "root";
diff --git a/lib/facter/debian_codename.rb b/lib/facter/debian_codename.rb
new file mode 100644
index 0000000..254877a
--- /dev/null
+++ b/lib/facter/debian_codename.rb
@@ -0,0 +1,42 @@
+begin
+ require 'facter/util/debian'
+rescue LoadError
+ require "#{File.dirname(__FILE__)}/util/debian"
+end
+
+def version_to_codename(version)
+ if Facter::Util::Debian::CODENAMES.has_key?(version)
+ return Facter::Util::Debian::CODENAMES[version]
+ else
+ Facter.warn("Could not determine codename from version '#{version}'")
+ end
+end
+
+Facter.add(:debian_codename) do
+ has_weight 99
+ confine :operatingsystem => 'Debian'
+ setcode do
+ Facter.value('lsbdistcodename')
+ end
+end
+
+Facter.add(:debian_codename) do
+ has_weight 66
+ confine :operatingsystem => 'Debian'
+ setcode do
+ version_to_codename(Facter.value('operatingsystemmajrelease'))
+ end
+end
+
+Facter.add(:debian_codename) do
+ has_weight 33
+ confine :operatingsystem => 'Debian'
+ setcode do
+ debian_version = File.open('/etc/debian_version', &:readline)
+ if debian_version.match(/^\d+/)
+ version_to_codename(debian_version.scan(/^(\d+)/)[0][0])
+ elsif debian_version.match(/^[a-z]+\/(sid|unstable)/)
+ debian_version.scan(/^([a-z]+)\//)[0][0]
+ end
+ end
+end
diff --git a/lib/facter/debian_lts.rb b/lib/facter/debian_lts.rb
new file mode 100644
index 0000000..f53a9eb
--- /dev/null
+++ b/lib/facter/debian_lts.rb
@@ -0,0 +1,16 @@
+begin
+ require 'facter/util/debian'
+rescue LoadError
+ require "#{File.dirname(__FILE__)}/util/debian"
+end
+
+Facter.add(:debian_lts) do
+ confine :operatingsystem => 'Debian'
+ setcode do
+ if Facter::Util::Debian::LTS.include? Facter.value('debian_codename')
+ true
+ else
+ false
+ end
+ end
+end
diff --git a/lib/facter/debian_nextcodename.rb b/lib/facter/debian_nextcodename.rb
new file mode 100644
index 0000000..c4c569b
--- /dev/null
+++ b/lib/facter/debian_nextcodename.rb
@@ -0,0 +1,23 @@
+begin
+ require 'facter/util/debian'
+rescue LoadError
+ require "#{File.dirname(__FILE__)}/util/debian"
+end
+
+def debian_codename_to_next(codename)
+ if codename == "sid"
+ return "experimental"
+ else
+ codenames = Facter::Util::Debian::CODENAMES
+ versions = Facter::Util::Debian::CODENAMES.invert
+ current_version = versions[codename]
+ return codenames[(current_version.to_i + 1).to_s]
+ end
+end
+
+Facter.add(:debian_nextcodename) do
+ confine :operatingsystem => 'Debian'
+ setcode do
+ debian_codename_to_next(Facter.value('debian_codename'))
+ end
+end
diff --git a/lib/facter/debian_nextrelease.rb b/lib/facter/debian_nextrelease.rb
new file mode 100644
index 0000000..2a9c4f5
--- /dev/null
+++ b/lib/facter/debian_nextrelease.rb
@@ -0,0 +1,23 @@
+def debian_release_to_next(release)
+ releases = [
+ 'oldoldoldstable',
+ 'oldoldstable',
+ 'oldstable',
+ 'stable',
+ 'testing',
+ 'unstable',
+ 'experimental',
+ ]
+ if releases.include? release
+ if releases.index(release)+1 < releases.count
+ return releases[releases.index(release)+1]
+ end
+ end
+end
+
+Facter.add(:debian_nextrelease) do
+ confine :operatingsystem => 'Debian'
+ setcode do
+ debian_release_to_next(Facter.value('debian_release'))
+ end
+end
diff --git a/lib/facter/debian_release.rb b/lib/facter/debian_release.rb
new file mode 100644
index 0000000..2c334cc
--- /dev/null
+++ b/lib/facter/debian_release.rb
@@ -0,0 +1,38 @@
+begin
+ require 'facter/util/debian'
+rescue LoadError
+ require "#{File.dirname(__FILE__)}/util/debian"
+end
+
+def debian_codename_to_release(codename)
+ stable = Facter::Util::Debian::STABLE
+ versions = Facter::Util::Debian::CODENAMES.invert
+ release = nil
+ if codename == "sid"
+ release = "unstable"
+ elsif versions.has_key? codename
+ version = versions[codename].to_i
+ if version == stable
+ release = "stable"
+ elsif version < stable
+ release = "stable"
+ for i in version..stable - 1
+ release = "old" + release
+ end
+ elsif version == stable + 1
+ release = "testing"
+ end
+ end
+ if release.nil?
+ Facter.warn("Could not determine release from codename #{codename}!")
+ end
+ return release
+end
+
+Facter.add(:debian_release) do
+ has_weight 99
+ confine :operatingsystem => 'Debian'
+ setcode do
+ debian_codename_to_release(Facter.value('debian_codename'))
+ end
+end
diff --git a/lib/facter/ubuntu_codename.rb b/lib/facter/ubuntu_codename.rb
new file mode 100644
index 0000000..814fd94
--- /dev/null
+++ b/lib/facter/ubuntu_codename.rb
@@ -0,0 +1,8 @@
+Facter.add(:ubuntu_codename) do
+ confine :operatingsystem => 'Ubuntu'
+ setcode do
+ Facter.value('lsbdistcodename')
+ end
+end
+
+
diff --git a/lib/facter/ubuntu_nextcodename.rb b/lib/facter/ubuntu_nextcodename.rb
new file mode 100644
index 0000000..dcd1d42
--- /dev/null
+++ b/lib/facter/ubuntu_nextcodename.rb
@@ -0,0 +1,20 @@
+begin
+ require 'facter/util/ubuntu'
+rescue LoadError
+ require "#{File.dirname(__FILE__)}/util/ubuntu"
+end
+
+def ubuntu_codename_to_next(codename)
+ codenames = Facter::Util::Ubuntu::CODENAMES
+ i = codenames.index(codename)
+ if i and i+1 < codenames.count
+ return codenames[i+1]
+ end
+end
+
+Facter.add(:ubuntu_nextcodename) do
+ confine :operatingsystem => 'Ubuntu'
+ setcode do
+ ubuntu_codename_to_next(Facter.value('ubuntu_codename'))
+ end
+end
diff --git a/lib/facter/util/debian.rb b/lib/facter/util/debian.rb
new file mode 100644
index 0000000..290c17b
--- /dev/null
+++ b/lib/facter/util/debian.rb
@@ -0,0 +1,18 @@
+module Facter
+ module Util
+ module Debian
+ STABLE = 8
+ CODENAMES = {
+ "5" => "lenny",
+ "6" => "squeeze",
+ "7" => "wheezy",
+ "8" => "jessie",
+ "9" => "stretch",
+ "10" => "buster",
+ }
+ LTS = [
+ "squeeze",
+ ]
+ end
+ end
+end
diff --git a/lib/facter/util/ubuntu.rb b/lib/facter/util/ubuntu.rb
new file mode 100644
index 0000000..52c15e8
--- /dev/null
+++ b/lib/facter/util/ubuntu.rb
@@ -0,0 +1,21 @@
+module Facter
+ module Util
+ module Ubuntu
+ CODENAMES = [
+ "lucid",
+ "maverick",
+ "natty",
+ "oneiric",
+ "precise",
+ "quantal",
+ "raring",
+ "saucy",
+ "trusty",
+ "utopic",
+ "vivid",
+ "wily",
+ "xenial"
+ ]
+ end
+ end
+end
diff --git a/lib/puppet/parser/functions/debian_nextcodename.rb b/lib/puppet/parser/functions/debian_nextcodename.rb
deleted file mode 100644
index 3d5c3bd..0000000
--- a/lib/puppet/parser/functions/debian_nextcodename.rb
+++ /dev/null
@@ -1,13 +0,0 @@
-module Puppet::Parser::Functions
- newfunction(:debian_nextcodename, :type => :rvalue) do |args|
- case args[0]
- when "etch" then "lenny"
- when "lenny" then "squeeze"
- when "squeeze" then "wheezy"
- when "wheezy" then "jessie"
- when "jessie" then "sid"
- when "sid" then "experimental"
- else "sid"
- end
- end
-end
diff --git a/lib/puppet/parser/functions/debian_nextrelease.rb b/lib/puppet/parser/functions/debian_nextrelease.rb
deleted file mode 100644
index 76c3e0d..0000000
--- a/lib/puppet/parser/functions/debian_nextrelease.rb
+++ /dev/null
@@ -1,11 +0,0 @@
-module Puppet::Parser::Functions
- newfunction(:debian_nextrelease, :type => :rvalue) do |args|
- case args[0]
- when 'oldstable' then 'stable'
- when 'stable' then 'testing'
- when 'testing' then 'unstable'
- when 'unstable' then 'experimental'
- else 'unstable'
- end
- end
-end
diff --git a/lib/puppet/parser/functions/debian_release.rb b/lib/puppet/parser/functions/debian_release.rb
deleted file mode 100644
index d7b6718..0000000
--- a/lib/puppet/parser/functions/debian_release.rb
+++ /dev/null
@@ -1,12 +0,0 @@
-module Puppet::Parser::Functions
- newfunction(:debian_release, :type => :rvalue) do |args|
- case args[0]
- when 'squeeze' then 'oldstable'
- when 'wheezy' then 'stable'
- when 'jessie' then 'testing'
- when 'sid' then 'unstable'
- when 'experimental' then 'experimental'
- else 'testing'
- end
- end
-end
diff --git a/lib/puppet/parser/functions/debian_release_version.rb b/lib/puppet/parser/functions/debian_release_version.rb
deleted file mode 100644
index 0abe90e..0000000
--- a/lib/puppet/parser/functions/debian_release_version.rb
+++ /dev/null
@@ -1,11 +0,0 @@
-module Puppet::Parser::Functions
- newfunction(:debian_release_version, :type => :rvalue) do |args|
- case args[0]
- when 'etch' then '4.0'
- when 'lenny' then '5.0'
- when 'squeeze' then '6.0'
- when 'wheezy' then '7.0'
- else ''
- end
- end
-end
diff --git a/manifests/apt_conf.pp b/manifests/apt_conf.pp
index f446c69..949f615 100644
--- a/manifests/apt_conf.pp
+++ b/manifests/apt_conf.pp
@@ -38,7 +38,7 @@ define apt::apt_conf(
if $refresh_apt {
File["/etc/apt/apt.conf.d/${name}"] {
- notify => Exec['refresh_apt'],
+ notify => Exec['apt_updated'],
}
}
diff --git a/manifests/apticron.pp b/manifests/apticron.pp
index 54d7b71..9c94f9c 100644
--- a/manifests/apticron.pp
+++ b/manifests/apticron.pp
@@ -1,6 +1,6 @@
class apt::apticron(
$ensure_version = 'installed',
- $config = "apt/${::operatingsystem}/apticron_${::lsbdistcodename}.erb",
+ $config = "apt/${::operatingsystem}/apticron_${::debian_codename}.erb",
$email = 'root',
$diff_only = '1',
$listchanges_profile = 'apticron',
diff --git a/manifests/dist_upgrade.pp b/manifests/dist_upgrade.pp
index bf78dcc..19c031e 100644
--- a/manifests/dist_upgrade.pp
+++ b/manifests/dist_upgrade.pp
@@ -1,18 +1,9 @@
class apt::dist_upgrade {
- if $apt::disable_update == false {
- include apt::update
- }
-
- $req = $apt::disable_update ? {
- true => undef,
- default => Exec['apt_updated'],
- }
-
exec { 'apt_dist-upgrade':
command => '/usr/bin/apt-get -q -y -o \'DPkg::Options::=--force-confold\' dist-upgrade',
refreshonly => true,
- require => $req
+ before => Exec['apt_updated']
}
}
diff --git a/manifests/dot_d_directories.pp b/manifests/dot_d_directories.pp
index 37c3fc8..0ace863 100644
--- a/manifests/dot_d_directories.pp
+++ b/manifests/dot_d_directories.pp
@@ -5,18 +5,11 @@ class apt::dot_d_directories {
'/etc/apt/apt.conf.d':
ensure => directory,
checksum => mtime,
- notify => Exec['refresh_apt'];
+ notify => Exec['apt_updated'];
'/etc/apt/sources.list.d':
ensure => directory,
checksum => mtime,
- notify => Exec['refresh_apt'];
- }
-
- exec {
- # "&& sleep 1" is workaround for older(?) clients
- 'refresh_apt':
- command => '/usr/bin/apt-get update && sleep 1',
- refreshonly => true,
+ notify => Exec['apt_updated'];
}
}
diff --git a/manifests/dselect.pp b/manifests/dselect.pp
index 6feeb9f..2b99a43 100644
--- a/manifests/dselect.pp
+++ b/manifests/dselect.pp
@@ -1,9 +1,10 @@
+# manage dselect, like
+# suppressing the annoying help texts
class apt::dselect {
- # suppress annoying help texts of dselect
- line { 'dselect_expert':
- file => '/etc/dpkg/dselect.cfg',
- line => 'expert',
+ file_line { 'dselect_expert':
+ path => '/etc/dpkg/dselect.cfg',
+ line => 'expert',
}
package { 'dselect': ensure => installed }
diff --git a/manifests/init.pp b/manifests/init.pp
index 33eac37..4c44af2 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -4,18 +4,20 @@
# See LICENSE for the full license granted to you.
class apt(
- $codename = $apt::params::codename,
+ $use_lts = $apt::params::use_lts,
$use_volatile = $apt::params::use_volatile,
+ $use_backports = $apt::params::use_backports,
$include_src = $apt::params::include_src,
$use_next_release = $apt::params::use_next_release,
$debian_url = $apt::params::debian_url,
$security_url = $apt::params::security_url,
$backports_url = $apt::params::backports_url,
+ $lts_url = $apt::params::lts_url,
$volatile_url = $apt::params::volatile_url,
$ubuntu_url = $apt::params::ubuntu_url,
$repos = $apt::params::repos,
$custom_preferences = $apt::params::custom_preferences,
- $disable_update = $apt::params::disable_update,
+ $custom_sources_list = '',
$custom_key_dir = $apt::params::custom_key_dir
) inherits apt::params {
case $::operatingsystem {
@@ -38,32 +40,16 @@ class apt(
require => undef,
}
- include lsb
-
- # init $release, $next_release, $next_codename, $release_version
- case $codename {
- 'n/a': {
- fail("Unknown lsbdistcodename reported by facter: '$::lsbdistcodename', please fix this by setting this variable in your manifest.")
- }
- default: {
- $release = debian_release($codename)
- }
- }
- $release_version = debian_release_version($codename)
- $next_codename = debian_nextcodename($codename)
- $next_release = debian_nextrelease($release)
-
- $sources_content = $::custom_sources_list ? {
+ $sources_content = $custom_sources_list ? {
'' => template( "apt/${::operatingsystem}/sources.list.erb"),
- default => $::custom_sources_list
+ default => $custom_sources_list
}
file {
- # include main, security and backports
+ # include main and security
# additional sources should be included via the apt::sources_list define
'/etc/apt/sources.list':
content => $sources_content,
- require => Package['lsb'],
- notify => Exec['refresh_apt'],
+ notify => Exec['apt_updated'],
owner => root,
group => 0,
mode => '0644';
@@ -110,9 +96,22 @@ class apt(
# backports uses the normal archive key now
package { 'debian-backports-keyring': ensure => absent }
+ if ($use_backports and !($::debian_release in ['testing', 'unstable', 'experimental'])) {
+ apt::sources_list {
+ 'backports':
+ content => "deb $backports_url ${::debian_codename}-backports ${apt::real_repos}",
+ }
+ if $include_src {
+ apt::sources_list {
+ 'backports-src':
+ content => "deb-src $backports_url ${::debian_codename}-backports ${apt::real_repos}",
+ }
+ }
+ }
+
include common::moduledir
+ common::module_dir { 'apt': }
$apt_base_dir = "${common::moduledir::module_dir_path}/apt"
- modules_dir { 'apt': }
if $custom_key_dir {
file { "${apt_base_dir}/keys.d":
@@ -123,21 +122,29 @@ class apt(
mode => '0755',
}
exec { 'custom_keys':
- command => "find ${apt_base_dir}/keys.d -type f -exec apt-key add '{}' \\; && /usr/bin/apt-get update",
+ command => "find ${apt_base_dir}/keys.d -type f -exec apt-key add '{}' \\;",
subscribe => File["${apt_base_dir}/keys.d"],
refreshonly => true,
+ notify => Exec[refresh_apt]
}
if $custom_preferences != false {
Exec['custom_keys'] {
- before => [ Exec[refresh_apt], File['apt_config'] ]
- }
- } else {
- Exec['custom_keys'] {
- before => Exec[refresh_apt]
+ before => File['apt_config']
}
}
}
# workaround for preseeded_package component
file { [ '/var/cache', '/var/cache/local', '/var/cache/local/preseeding' ]: ensure => directory }
+
+ exec { 'update_apt':
+ command => '/usr/bin/apt-get update',
+ require => [
+ File['/etc/apt/apt.conf.d', '/etc/apt/preferences' ],
+ File['/etc/apt/sources.list'] ],
+ refreshonly => true,
+ # Another Semaphor for all packages to reference
+ alias => [ 'apt_updated', 'refresh_apt']
+ }
+
}
diff --git a/manifests/key.pp b/manifests/key.pp
new file mode 100644
index 0000000..cb70ec6
--- /dev/null
+++ b/manifests/key.pp
@@ -0,0 +1,13 @@
+define apt::key ($source, $ensure = 'present') {
+ validate_re(
+ $name, '\.gpg$',
+ 'An apt::key resource name must have the .gpg extension',
+ )
+
+ file {
+ "/etc/apt/trusted.gpg.d/${name}":
+ ensure => $ensure,
+ source => $source,
+ notify => Exec['apt_updated'],
+ }
+}
diff --git a/manifests/key/plain.pp b/manifests/key/plain.pp
new file mode 100644
index 0000000..dff8b51
--- /dev/null
+++ b/manifests/key/plain.pp
@@ -0,0 +1,13 @@
+define apt::key::plain ($source) {
+ file {
+ "${apt::apt_base_dir}/keys/${name}":
+ source => $source;
+ "${apt::apt_base_dir}/keys":
+ ensure => directory;
+ }
+ exec { "apt-key add '${apt::apt_base_dir}/keys/${name}'":
+ subscribe => File["${apt::apt_base_dir}/keys/${name}"],
+ refreshonly => true,
+ notify => Exec['apt_updated'],
+ }
+}
diff --git a/manifests/listchanges.pp b/manifests/listchanges.pp
index 0c163ae..e64bb1b 100644
--- a/manifests/listchanges.pp
+++ b/manifests/listchanges.pp
@@ -1,6 +1,6 @@
class apt::listchanges(
$ensure_version = 'installed',
- $config = "apt/${::operatingsystem}/listchanges_${::lsbdistcodename}.erb",
+ $config = "apt/${::operatingsystem}/listchanges_${::debian_codename}.erb",
$frontend = 'mail',
$email = 'root',
$confirm = '0',
diff --git a/manifests/params.pp b/manifests/params.pp
index 12273ac..28af06e 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -1,18 +1,22 @@
class apt::params () {
- $codename = $::lsbdistcodename
+ $use_lts = false
$use_volatile = false
+ $use_backports = true
$include_src = false
$use_next_release = false
- $debian_url = 'http://http.debian.net/debian/'
+ $debian_url = 'http://httpredir.debian.org/debian/'
$security_url = 'http://security.debian.org/'
- $backports_url = $::lsbdistcodename ? {
- 'wheezy' => $debian_url,
- default => 'http://backports.debian.org/debian-backports/',
+ $ubuntu_url = 'http://archive.ubuntu.com/ubuntu'
+ $backports_url = $::debian_codename ? {
+ 'squeeze' => 'http://backports.debian.org/debian-backports/',
+ default => $::operatingsystem ? {
+ 'Ubuntu' => $ubuntu_url,
+ default => $debian_url,
+ }
}
+ $lts_url = $debian_url
$volatile_url = 'http://volatile.debian.org/debian-volatile/'
- $ubuntu_url = 'http://archive.ubuntu.com/ubuntu'
$repos = 'auto'
$custom_preferences = ''
- $disable_update = false
$custom_key_dir = false
}
diff --git a/manifests/preferences.pp b/manifests/preferences.pp
index 9ed24c1..6982ca0 100644
--- a/manifests/preferences.pp
+++ b/manifests/preferences.pp
@@ -2,8 +2,8 @@ class apt::preferences {
$pref_contents = $apt::custom_preferences ? {
'' => $::operatingsystem ? {
- 'debian' => template("apt/${::operatingsystem}/preferences_${apt::codename}.erb"),
- 'ubuntu' => template("apt/${::operatingsystem}/preferences_${apt::codename}.erb"),
+ 'debian' => template("apt/${::operatingsystem}/preferences_${::debian_codename}.erb"),
+ 'ubuntu' => template("apt/${::operatingsystem}/preferences_${::ubuntu_codename}.erb"),
},
default => $apt::custom_preferences
}
diff --git a/manifests/preferences_snippet.pp b/manifests/preferences_snippet.pp
index 5ae748b..b7dba0d 100644
--- a/manifests/preferences_snippet.pp
+++ b/manifests/preferences_snippet.pp
@@ -13,7 +13,7 @@ define apt::preferences_snippet (
}
if $ensure == 'present' {
- if $custom_preferences == false {
+ if $apt::custom_preferences == false {
fail('Trying to define a preferences_snippet with $custom_preferences set to false.')
}
@@ -31,12 +31,10 @@ define apt::preferences_snippet (
file { "/etc/apt/preferences.d/${name}":
ensure => $ensure,
- owner => root, group => 0, mode => '0644';
+ owner => root, group => 0, mode => '0644',
+ before => Exec['apt_updated'];
}
- # This should really work in the same manner as sources_list and apt_conf
- # snippets, but since the preferences.d directory cannot be used in Debian
- # lenny, we can't generalize without going into ugly special-casing.
case $source {
'': {
case $release {
diff --git a/manifests/preseeded_package.pp b/manifests/preseeded_package.pp
index 9bca8b1..3ef0687 100644
--- a/manifests/preseeded_package.pp
+++ b/manifests/preseeded_package.pp
@@ -4,7 +4,7 @@ define apt::preseeded_package (
) {
$seedfile = "/var/cache/local/preseeding/${name}.seeds"
$real_content = $content ? {
- '' => template ( "site_apt/${::lsbdistcodename}/${name}.seeds" ),
+ '' => template ( "site_apt/${::debian_codename}/${name}.seeds" ),
default => $content
}
diff --git a/manifests/sources_list.pp b/manifests/sources_list.pp
index 3367f83..0ee068d 100644
--- a/manifests/sources_list.pp
+++ b/manifests/sources_list.pp
@@ -15,22 +15,24 @@ define apt::sources_list (
include apt::dot_d_directories
+ $realname = regsubst($name, '\.list$', '')
+
# One would expect the 'file' resource on sources.list.d to trigger an
# apt-get update when files are added or modified in the directory, but it
# apparently doesn't.
- file { "/etc/apt/sources.list.d/${name}":
+ file { "/etc/apt/sources.list.d/${realname}.list":
ensure => $ensure,
owner => root, group => 0, mode => '0644',
- notify => Exec['refresh_apt'],
+ notify => Exec['apt_updated'],
}
if $source {
- File["/etc/apt/sources.list.d/${name}"] {
+ File["/etc/apt/sources.list.d/${realname}.list"] {
source => $source,
}
}
else {
- File["/etc/apt/sources.list.d/${name}"] {
+ File["/etc/apt/sources.list.d/${realname}.list"] {
content => $content,
}
}
diff --git a/manifests/unattended_upgrades.pp b/manifests/unattended_upgrades.pp
index 398a1a7..52d7542 100644
--- a/manifests/unattended_upgrades.pp
+++ b/manifests/unattended_upgrades.pp
@@ -1,33 +1,34 @@
-class apt::unattended_upgrades {
+class apt::unattended_upgrades (
+ $config_content = undef,
+ $config_template = 'apt/50unattended-upgrades.erb',
+ $mailonlyonerror = true,
+ $mail_recipient = 'root',
+ $blacklisted_packages = [],
+ $ensure_version = present
+) {
package { 'unattended-upgrades':
- ensure => present,
- require => undef
+ ensure => $ensure_version
}
- apt_conf { '50unattended-upgrades':
- source => [
- "puppet:///modules/site_apt/${::lsbdistid}/50unattended-upgrades.${::lsbdistcodename}",
- "puppet:///modules/site_apt/${::lsbdistid}/50unattended-upgrades",
- "puppet:///modules/apt/${::lsbdistid}/50unattended-upgrades.${::lsbdistcodename}",
- "puppet:///modules/apt/${::lsbdistid}/50unattended-upgrades" ],
+ # For some reason, this directory is sometimes absent, which causes
+ # unattended-upgrades to crash.
+ file { '/var/log/unattended-upgrades':
+ ensure => directory,
+ owner => 'root',
+ group => 0,
+ mode => '0755',
require => Package['unattended-upgrades'],
}
- if defined(File['apt_config']) {
- Apt_conf['50unattended-upgrades'] {
- before => File['apt_config'],
- }
+ $file_content = $config_content ? {
+ undef => template($config_template),
+ default => $config_content
}
- if $operatingsystem == 'ubuntu' {
- file { '/etc/apt/apt.conf.d/10periodic':
- ensure => present,
- owner => root,
- group => root,
- mode => 0644,
- source => 'puppet:///modules/apt/10periodic',
- require => Package['unattended-upgrades'],
- }
+ apt_conf { '50unattended-upgrades':
+ content => $file_content,
+ require => Package['unattended-upgrades'],
+ refresh_apt => false
}
}
diff --git a/manifests/update.pp b/manifests/update.pp
index 3f45125..dde8320 100644
--- a/manifests/update.pp
+++ b/manifests/update.pp
@@ -1,13 +1,7 @@
-class apt::update {
+class apt::update inherits ::apt {
- exec { 'update_apt':
- command => '/usr/bin/apt-get update && /usr/bin/apt-get autoclean',
- require => [
- File['/etc/apt/apt.conf.d', '/etc/apt/preferences' ],
- File['/etc/apt/sources.list'] ],
- loglevel => info,
- # Another Semaphor for all packages to reference
- alias => 'apt_updated'
+ Exec['update_apt'] {
+ refreshonly => false
}
}
diff --git a/manifests/upgrade_package.pp b/manifests/upgrade_package.pp
index d607150..30572c9 100644
--- a/manifests/upgrade_package.pp
+++ b/manifests/upgrade_package.pp
@@ -2,10 +2,6 @@ define apt::upgrade_package (
$version = ''
) {
- if $apt::disable_update == false {
- include apt::update
- }
-
$version_suffix = $version ? {
'' => '',
'latest' => '',
@@ -26,17 +22,10 @@ define apt::upgrade_package (
}
}
- $req = $apt::disable_update ? {
- true => Package['apt-show-versions', 'dctrl-tools'],
- default => [
- Exec['apt_updated'],
- Package['apt-show-versions', 'dctrl-tools']
- ],
- }
-
exec { "apt-get -q -y -o 'DPkg::Options::=--force-confold' install ${name}${version_suffix}":
onlyif => [ "grep-status -F Status installed -a -P $name -q", "apt-show-versions -u $name | grep -q upgradeable" ],
- require => $req
+ require => Package['apt-show-versions', 'dctrl-tools'],
+ before => Exec['apt_updated']
}
}
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
new file mode 100644
index 0000000..21d1a98
--- /dev/null
+++ b/spec/spec_helper.rb
@@ -0,0 +1,12 @@
+# https://puppetlabs.com/blog/testing-modules-in-the-puppet-forge
+require 'rspec-puppet'
+require 'mocha/api'
+
+RSpec.configure do |c|
+
+ c.module_path = File.expand_path(File.join(File.dirname(__FILE__), '..', '..'))
+ c.color = true
+
+ #Puppet.features.stubs(:root? => true)
+
+end
diff --git a/spec/unit/custom_facts_spec.rb b/spec/unit/custom_facts_spec.rb
new file mode 100644
index 0000000..9a28d92
--- /dev/null
+++ b/spec/unit/custom_facts_spec.rb
@@ -0,0 +1,86 @@
+require "spec_helper"
+
+describe "Facter::Util::Fact" do
+ before {
+ Facter.clear
+ }
+
+ describe 'custom facts' do
+
+ context 'Debian 7' do
+ before do
+ Facter.fact(:operatingsystem).stubs(:value).returns("Debian")
+ Facter.fact(:operatingsystemrelease).stubs(:value).returns("7.8")
+ Facter.fact(:lsbdistcodename).stubs(:value).returns("wheezy")
+ end
+
+ it "debian_release = oldstable" do
+ expect(Facter.fact(:debian_release).value).to eq('oldstable')
+ end
+
+ it "debian_codename = wheezy" do
+ expect(Facter.fact(:debian_codename).value).to eq('wheezy')
+ end
+
+ it "debian_nextcodename = jessie" do
+ expect(Facter.fact(:debian_nextcodename).value).to eq('jessie')
+ end
+
+ it "debian_nextrelease = stable" do
+ expect(Facter.fact(:debian_nextrelease).value).to eq('stable')
+ end
+ end
+
+ context 'Debian 8' do
+ before do
+ Facter.fact(:operatingsystem).stubs(:value).returns("Debian")
+ Facter.fact(:operatingsystemrelease).stubs(:value).returns("8.0")
+ Facter.fact(:lsbdistcodename).stubs(:value).returns("jessie")
+ end
+
+ it "debian_release = stable" do
+ expect(Facter.fact(:debian_release).value).to eq('stable')
+ end
+
+ it "debian_codename = jessie" do
+ expect(Facter.fact(:debian_codename).value).to eq('jessie')
+ end
+
+ it "debian_nextcodename = stretch" do
+ expect(Facter.fact(:debian_nextcodename).value).to eq('stretch')
+ end
+
+ it "debian_nextrelease = testing" do
+ expect(Facter.fact(:debian_nextrelease).value).to eq('testing')
+ end
+ end
+
+ context 'Ubuntu 15.10' do
+ before do
+ Facter.fact(:operatingsystem).stubs(:value).returns("Ubuntu")
+ Facter.fact(:operatingsystemrelease).stubs(:value).returns("15.10")
+ Facter.fact(:lsbdistcodename).stubs(:value).returns("wily")
+ end
+
+ it "ubuntu_codename = wily" do
+ expect(Facter.fact(:ubuntu_codename).value).to eq('wily')
+ end
+
+ it "ubuntu_nextcodename = xenial" do
+ expect(Facter.fact(:ubuntu_nextcodename).value).to eq('xenial')
+ end
+ end
+ end
+
+ describe "Test 'apt_running' fact" do
+ it "should return true when apt-get is running" do
+ Facter::Util::Resolution.stubs(:exec).with("pgrep apt-get >/dev/null 2>&1 && echo true || echo false").returns("true")
+ expect(Facter.fact(:apt_running).value).to eq('true')
+ end
+ it "should return false when apt-get is not running" do
+ Facter::Util::Resolution.stubs(:exec).with("pgrep apt-get >/dev/null 2>&1 && echo true || echo false").returns("false")
+ expect(Facter.fact(:apt_running).value).to eq('false')
+ end
+ end
+
+end
diff --git a/templates/20proxy.erb b/templates/20proxy.erb
index ea706b6..520e7b1 100644
--- a/templates/20proxy.erb
+++ b/templates/20proxy.erb
@@ -1,5 +1,5 @@
// This file is managed by Puppet
// all local modifications will be overwritten
-Acquire::http { Proxy "<%= proxy %>:<%= port %>"; };
+Acquire::http { Proxy "<%= @proxy %>:<%= @port %>"; };
Acquire::HTTP::Proxy::bugs.debian.org "DIRECT";
diff --git a/templates/50unattended-upgrades.erb b/templates/50unattended-upgrades.erb
new file mode 100644
index 0000000..7c65d10
--- /dev/null
+++ b/templates/50unattended-upgrades.erb
@@ -0,0 +1,38 @@
+// this file is managed by puppet !
+
+<% if scope.lookupvar('::operatingsystem') == 'Ubuntu' -%>
+Unattended-Upgrade::Allowed-Origins {
+ "${distro_id}:${distro_codename}-security";
+ "${distro_id}:${distro_codename}-updates";
+ "${distro_id}:${distro_codename}-backports";
+<% elsif scope.lookupvar('::operatingsystem') == 'Debian' and scope.lookupvar('::debian_codename') == 'squeeze' -%>
+Unattended-Upgrade::Allowed-Origins {
+ "${distro_id}:<%= scope.lookupvar('::debian_release') %>";
+ "${distro_id}:squeeze-lts";
+<% elsif scope.lookupvar('::operatingsystem') == 'Debian' and scope.lookupvar('::debian_codename') == 'wheezy' -%>
+Unattended-Upgrade::Origins-Pattern {
+ "origin=Debian,archive=<%= scope.lookupvar('::debian_release') %>,label=Debian-Security";
+ "origin=Debian,archive=${distro_codename}-lts";
+<% else -%>
+Unattended-Upgrade::Origins-Pattern {
+ "origin=Debian,codename=${distro_codename},label=Debian";
+ "origin=Debian,codename=${distro_codename},label=Debian-Security";
+<% end -%>
+};
+
+<% if not @blacklisted_packages.empty? -%>
+Unattended-Upgrade::Package-Blacklist {
+<% @blacklisted_packages.each do |pkg| -%>
+ "<%= pkg %>";
+<% end -%>
+};
+<% end -%>
+
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Download-Upgradeable-Packages "1";
+APT::Periodic::Unattended-Upgrade "1";
+
+Unattended-Upgrade::Mail "<%= @mail_recipient -%>";
+<% if @mailonlyonerror -%>
+Unattended-Upgrade::MailOnlyOnError "true";
+<% end -%>
diff --git a/templates/Debian/apticron_jessie.erb b/templates/Debian/apticron_jessie.erb
new file mode 120000
index 0000000..a9a3a6f
--- /dev/null
+++ b/templates/Debian/apticron_jessie.erb
@@ -0,0 +1 @@
+apticron_wheezy.erb \ No newline at end of file
diff --git a/templates/Debian/apticron_lenny.erb b/templates/Debian/apticron_lenny.erb
index aad9985..86b0997 100644
--- a/templates/Debian/apticron_lenny.erb
+++ b/templates/Debian/apticron_lenny.erb
@@ -24,9 +24,9 @@ LISTCHANGES_PROFILE="<%= scope.lookupvar('apt::apticron::listchanges_profile') %
# of "hostname -f" for the system name in the mails it generates
#
# SYSTEM="foobar.example.com"
-<%- unless scope.lookupvar('apt::apticron::system').to_s == "false" -%>
-<%= "SYSTEM=\"#{scope.lookupvar('apt::apticron::system')}\"" %>
-<%- end -%>
+<% unless (v=scope.lookupvar('apt::apticron::system')).to_s == "false" -%>
+SYSTEM="<%= v %>"
+<% end -%>
#
# Set IPADDRESSNUM if you would like to configure the maximal number of IP
@@ -34,9 +34,9 @@ LISTCHANGES_PROFILE="<%= scope.lookupvar('apt::apticron::listchanges_profile') %
# family type (inet, inet6), if available.
#
# IPADDRESSNUM="1"
-<%- unless scope.lookupvar('apt::apticron::ipaddressnum').to_s == "false" -%>
-<%= "IPADDRESSNUM=\"#{scope.lookupvar('apt::apticron::ipaddressnum')}\"" %>
-<%- end -%>
+<% unless (v=scope.lookupvar('apt::apticron::ipaddressnum')).to_s == "false" -%>
+IPADDRESSNUM="<%= v %>"
+<% end -%>
#
# Set IPADDRESSES to a whitespace seperated list of reachable addresses for
@@ -44,7 +44,7 @@ LISTCHANGES_PROFILE="<%= scope.lookupvar('apt::apticron::listchanges_profile') %
# "ip" command
#
# IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1"
-<%- unless scope.lookupvar('apt::apticron::ipaddresses').to_s == "false" -%>
-<%= "IPADDRESSES=\"#{scope.lookupvar('apt::apticron::ipaddresses')}\"" %>
-<%- end -%>
+<% unless (v=scope.lookupvar('apt::apticron::ipaddresses')).to_s == "false" -%>
+IPADDRESSES="<%= v %>"
+<% end -%>
diff --git a/templates/Debian/apticron_squeeze.erb b/templates/Debian/apticron_squeeze.erb
index 580179e..05b7c9b 100644
--- a/templates/Debian/apticron_squeeze.erb
+++ b/templates/Debian/apticron_squeeze.erb
@@ -26,9 +26,9 @@ LISTCHANGES_PROFILE="<%= scope.lookupvar('apt::apticron::listchanges_profile') %
# of "hostname -f" for the system name in the mails it generates
#
# SYSTEM="foobar.example.com"
-<%- unless scope.lookupvar('apt::apticron::system').to_s == "false" -%>
-<%= "SYSTEM=\"#{scope.lookupvar('apt::apticron::system')}\"" %>
-<%- end -%>
+<% unless (v=scope.lookupvar('apt::apticron::system')).to_s == "false" -%>
+SYSTEM="<%= v %>"
+<% end -%>
#
@@ -37,9 +37,9 @@ LISTCHANGES_PROFILE="<%= scope.lookupvar('apt::apticron::listchanges_profile') %
# family type (inet, inet6), if available.
#
# IPADDRESSNUM="1"
-<%- unless scope.lookupvar('apt::apticron::ipaddressnum').to_s == "false" -%>
-<%= "IPADDRESSNUM=\"#{scope.lookupvar('apt::apticron::ipaddressnum')}\"" %>
-<%- end -%>
+<% unless (v=scope.lookupvar('apt::apticron::ipaddressnum')).to_s == "false" -%>
+IPADDRESSNUM="<%= v %>"
+<% end -%>
#
@@ -48,9 +48,9 @@ LISTCHANGES_PROFILE="<%= scope.lookupvar('apt::apticron::listchanges_profile') %
# "ip" command
#
# IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1"
-<%- unless scope.lookupvar('apt::apticron::ipaddresses').to_s == "false" -%>
-<%= "IPADDRESSES=\"#{scope.lookupvar('apt::apticron::ipaddresses')}\"" %>
-<%- end -%>
+<% unless (v=scope.lookupvar('apt::apticron::ipaddresses')).to_s == "false" -%>
+IPADDRESSES="<%= v %>"
+<% end -%>
#
diff --git a/templates/Debian/apticron_wheezy.erb b/templates/Debian/apticron_wheezy.erb
index d8c8804..655854e 100644
--- a/templates/Debian/apticron_wheezy.erb
+++ b/templates/Debian/apticron_wheezy.erb
@@ -25,9 +25,9 @@ LISTCHANGES_PROFILE="<%= scope.lookupvar('apt::apticron::listchanges_profile') %
# of "hostname -f" for the system name in the mails it generates
#
# SYSTEM="foobar.example.com"
-<%- unless scope.lookupvar('apt::apticron::system').to_s == "false" -%>
-<%= "SYSTEM=\"#{scope.lookupvar('apt::apticron::system')}\"" %>
-<%- end -%>
+<% unless (v=scope.lookupvar('apt::apticron::system')).to_s == "false" -%>
+SYSTEM="<%= v %>"
+<% end -%>
#
# Set IPADDRESSNUM if you would like to configure the maximal number of IP
@@ -35,9 +35,9 @@ LISTCHANGES_PROFILE="<%= scope.lookupvar('apt::apticron::listchanges_profile') %
# family type (inet, inet6), if available.
#
# IPADDRESSNUM="1"
-<%- unless scope.lookupvar('apt::apticron::ipaddressnum').to_s == "false" -%>
-<%= "IPADDRESSNUM=\"#{scope.lookupvar('apt::apticron::ipaddressnum')}\"" %>
-<%- end -%>
+<% unless (v=scope.lookupvar('apt::apticron::ipaddressnum')).to_s == "false" -%>
+IPADDRESSNUM="<%= v %>"
+<% end -%>
#
# Set IPADDRESSES to a whitespace separated list of reachable addresses for
@@ -45,9 +45,9 @@ LISTCHANGES_PROFILE="<%= scope.lookupvar('apt::apticron::listchanges_profile') %
# "ip" command
#
# IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1"
-<%- unless scope.lookupvar('apt::apticron::ipaddresses').to_s == "false" -%>
-<%= "IPADDRESSES=\"#{scope.lookupvar('apt::apticron::ipaddresses')}\"" %>
-<%- end -%>
+<% unless (v=scope.lookupvar('apt::apticron::ipaddresses')).to_s == "false" -%>
+IPADDRESSES=<%= v %>"
+<% end -%>
#
# Set NOTIFY_HOLDS="0" if you don't want to be notified about new versions of
diff --git a/templates/Debian/listchanges_jessie.erb b/templates/Debian/listchanges_jessie.erb
new file mode 120000
index 0000000..74ab496
--- /dev/null
+++ b/templates/Debian/listchanges_jessie.erb
@@ -0,0 +1 @@
+listchanges_lenny.erb \ No newline at end of file
diff --git a/templates/Debian/preferences_jessie.erb b/templates/Debian/preferences_jessie.erb
index 0cc0e5c..0888abe 100644
--- a/templates/Debian/preferences_jessie.erb
+++ b/templates/Debian/preferences_jessie.erb
@@ -1,13 +1,8 @@
-Explanation: Debian <%= codename=scope.lookupvar('apt::codename') %>
+Explanation: Debian <%= codename=scope.lookupvar('::debian_codename') %>
Package: *
Pin: release o=Debian,n=<%= codename %>
Pin-Priority: 990
-Explanation: Debian <%= codename %>-updates
-Package: *
-Pin: release o=Debian,n=<%= codename %>-updates
-Pin-Priority: 990
-
Explanation: Debian sid
Package: *
Pin: release o=Debian,n=sid
@@ -17,4 +12,3 @@ Explanation: Debian fallback
Package: *
Pin: release o=Debian
Pin-Priority: -10
-
diff --git a/templates/Debian/preferences_lenny.erb b/templates/Debian/preferences_lenny.erb
index 5c3c829..6500168 100644
--- a/templates/Debian/preferences_lenny.erb
+++ b/templates/Debian/preferences_lenny.erb
@@ -1,6 +1,6 @@
-Explanation: Debian <%= codename=scope.lookupvar('apt::codename') %>
+Explanation: Debian <%= codename=scope.lookupvar('::debian_codename') %>
Package: *
-Pin: release o=Debian,a=<%= scope.lookupvar('apt::release') %>,v=<%= scope.lookupvar('apt::release_version') %>*
+Pin: release o=Debian,a=<%= scope.lookupvar('::debian_release') %>,v=5*
Pin-Priority: 990
Explanation: Debian backports
@@ -8,7 +8,7 @@ Package: *
Pin: origin backports.debian.org
Pin-Priority: 200
-Explanation: Debian <%= next_release=scope.lookupvar('apt::next_release') %>
+Explanation: Debian <%= next_release=scope.lookupvar('::debian_nextrelease') %>
Package: *
Pin: release o=Debian,a=<%= next_release %>
Pin-Priority: 2
diff --git a/templates/Debian/preferences_squeeze.erb b/templates/Debian/preferences_squeeze.erb
index efe7720..885edc7 100644
--- a/templates/Debian/preferences_squeeze.erb
+++ b/templates/Debian/preferences_squeeze.erb
@@ -1,4 +1,4 @@
-Explanation: Debian <%= codename=scope.lookupvar('apt::codename') %>
+Explanation: Debian <%= codename=scope.lookupvar('::debian_codename') %>
Package: *
Pin: release o=Debian,n=<%= codename %>
Pin-Priority: 990
@@ -8,7 +8,12 @@ Package: *
Pin: release o=Debian,n=<%= codename %>-updates
Pin-Priority: 990
-Explanation: Debian <%= next_codename=scope.lookupvar('apt::next_codename') %>
+Explanation: Debian <%= codename %>-lts
+Package: *
+Pin: release o=Debian,n=<%= codename %>-lts
+Pin-Priority: 990
+
+Explanation: Debian <%= next_codename=scope.lookupvar('::debian_nextcodename') %>
Package: *
Pin: release o=Debian,n=<%= next_codename %>
Pin-Priority: 2
diff --git a/templates/Debian/preferences_wheezy.erb b/templates/Debian/preferences_wheezy.erb
index 0cc0e5c..106108d 100644
--- a/templates/Debian/preferences_wheezy.erb
+++ b/templates/Debian/preferences_wheezy.erb
@@ -1,4 +1,4 @@
-Explanation: Debian <%= codename=scope.lookupvar('apt::codename') %>
+Explanation: Debian <%= codename=scope.lookupvar('::debian_codename') %>
Package: *
Pin: release o=Debian,n=<%= codename %>
Pin-Priority: 990
diff --git a/templates/Debian/sources.list.erb b/templates/Debian/sources.list.erb
index b2ea727..44eea53 100644
--- a/templates/Debian/sources.list.erb
+++ b/templates/Debian/sources.list.erb
@@ -1,88 +1,76 @@
# This file is managed by puppet
# all local modifications will be overwritten
-### Debian current: <%= codename=scope.lookupvar('apt::codename') %>
+### Debian current: <%= codename=scope.lookupvar('::debian_codename') %>
# basic
deb <%= debian_url=scope.lookupvar('apt::debian_url') %> <%= codename %> <%= lrepos=scope.lookupvar('apt::real_repos') %>
-<% if scope.lookupvar('apt::include_src') -%>
+<% if include_src=scope.lookupvar('apt::include_src') -%>
deb-src <%= debian_url %> <%= codename %> <%= lrepos %>
<% end -%>
# security
-<% if ((release=scope.lookupvar('apt::release')) == "unstable" || release == "experimental" || codename == "lenny" ) -%>
-# There is no security support for <%= release %>
-<% else -%>
+<% if ((release=scope.lookupvar('::debian_release')) == "stable" || release == "oldstable") -%>
deb <%= security_url=scope.lookupvar('apt::security_url') %> <%= codename %>/updates <%= lrepos %>
-<% if @include_src -%>
+<% if include_src -%>
deb-src <%= security_url %> <%= codename %>/updates <%= lrepos %>
<% end -%>
-<% end -%>
-
-# backports
-<% if (release == "testing" || release == "unstable" || release == "experimental") -%>
-# There is no backports archive for <%= release %>
<% else -%>
-deb <%= backports_url=scope.lookupvar('apt::backports_url') %> <%= codename %>-backports <%= lrepos %>
-<% if include_src -%>
-deb-src <%= backports_url %> <%= codename %>-backports <%= lrepos %>
-<% end -%>
+# There is no security support for <%= release %>
<% end -%>
<% if use_volatile=scope.lookupvar('apt::use_volatile') -%>
# volatile
-<% if (release == "testing" || release == "unstable" || release == "experimental") -%>
+<% if (release == "testing" || release == "unstable" || release == "experimental") -%>
# There is no volatile archive for <%= release %>
-<% else -%>
-<% if (codename == "lenny" || codename == "etch") -%>
-deb <%= volatile_url=scope.lookupvar('apt::volatile_url') %> <%= codename %>/volatile <%= lrepos %>
-<% if include_src -%>
-deb-src <%= volatile_url %> <%= codename %>/volatile <%= lrepos %>
-<% end -%>
-<% else -%>
+<% else -%>
deb <%= debian_url %> <%= codename %>-updates <%= lrepos %>
-<% if include_src -%>
+<% if include_src -%>
deb-src <%= debian_url %> <%= codename %>-updates <%= lrepos %>
-<% end -%>
+<% end
+ end
+ end -%>
+
+<% if use_lts=scope.lookupvar('apt::use_lts') -%>
+# LTS
+<% if release_lts=scope.lookupvar('::debian_lts') == "false" -%>
+# There is no LTS archive for <%= release %>
+<% else -%>
+deb <%= debian_url %> <%= codename %>-lts <%= lrepos %>
+<% if include_src -%>
+deb-src <%= debian_url %> <%= codename %>-lts <%= lrepos %>
<% end -%>
<% end -%>
<% end -%>
<% if next_release=scope.lookupvar('apt::use_next_release') -%>
-### Debian next: <%= next_release=scope.lookupvar('apt::next_release') ; next_codename=scope.lookupvar('apt::next_codename') %>
+### Debian next: <%= next_release=scope.lookupvar('::debian_nextrelease') ; next_codename=scope.lookupvar('::debian_nextcodename') %>
# basic
deb <%= debian_url %> <%= next_codename %> <%= lrepos %>
-<% if include_src then -%>
+<% if include_src -%>
deb-src <%= debian_url %> <%= next_codename %> <%= lrepos %>
-<% end -%>
+<% end -%>
# security
-<% if (next_release == "unstable" || next_release == "experimental") -%>
+<% if (next_release == "unstable" || next_release == "experimental") -%>
# There is no security support for <%= next_release %>
-<% else -%>
+<% else -%>
deb <%= security_url %> <%= next_codename %>/updates <%= lrepos %>
-<% if include_src then -%>
+<% if include_src then -%>
deb-src <%= security_url %> <%= next_codename %>/updates <%= lrepos %>
-<% end -%>
-<% end -%>
+<% end
+ end -%>
-<% if use_volatile -%>
+<% if use_volatile -%>
# volatile
-<% if (next_release == "testing" || next_release == "unstable" || next_release == "experimental") -%>
+<% if (next_release == "testing" || next_release == "unstable" || next_release == "experimental") -%>
# There is no volatile archive for <%= next_release %>
-<% else -%>
-<% if (next_codename == "lenny" || next_codename == "etch") -%>
-deb <%= volatile_url %> <%= next_codename %>/volatile <%= lrepos %>
-<% if include_src then -%>
-deb-src <%= volatile_url %> <%= next_codename %>/volatile <%= lrepos %>
-<% end -%>
-<% else -%>
+<% else -%>
deb <%= debian_url %> <%= next_codename %>-updates <%= lrepos %>
-<% if include_src then -%>
+<% if include_src -%>
deb-src <%= debian_url %> <%= next_codename %>-updates <%= lrepos %>
-<% end -%>
-<% end -%>
-<% end -%>
-<% end -%>
-<% end -%>
+<% end
+ end
+ end
+ end -%>
diff --git a/templates/Ubuntu/preferences_maverick.erb b/templates/Ubuntu/preferences_maverick.erb
index 801ddd4..8e5481d 100644
--- a/templates/Ubuntu/preferences_maverick.erb
+++ b/templates/Ubuntu/preferences_maverick.erb
@@ -1,4 +1,4 @@
-Explanation: Ubuntu <%= codename=scope.lookupvar('apt::codename') %> security
+Explanation: Ubuntu <%= codename=scope.lookupvar('::ubuntu_codename') %> security
Package: *
Pin: release o=Ubuntu,a=<%= codename %>-security
Pin-Priority: 990
@@ -18,7 +18,7 @@ Package: *
Pin: release a=<%= codename %>-backports
Pin-Priority: 200
-Explanation: Ubuntu <%= next_release=scope.lookupvar('apt::next_release') %>
+Explanation: Ubuntu <%= next_release=scope.lookupvar('::ubuntu_nextcodename') %>
Package: *
Pin: release o=Ubuntu,a=<%= next_release %>
Pin-Priority: 2
diff --git a/templates/Ubuntu/preferences_utopic.erb b/templates/Ubuntu/preferences_utopic.erb
new file mode 120000
index 0000000..3debe4f
--- /dev/null
+++ b/templates/Ubuntu/preferences_utopic.erb
@@ -0,0 +1 @@
+preferences_maverick.erb \ No newline at end of file
diff --git a/templates/Ubuntu/preferences_vivid.erb b/templates/Ubuntu/preferences_vivid.erb
new file mode 120000
index 0000000..3debe4f
--- /dev/null
+++ b/templates/Ubuntu/preferences_vivid.erb
@@ -0,0 +1 @@
+preferences_maverick.erb \ No newline at end of file
diff --git a/templates/Ubuntu/preferences_wily.erb b/templates/Ubuntu/preferences_wily.erb
new file mode 120000
index 0000000..3debe4f
--- /dev/null
+++ b/templates/Ubuntu/preferences_wily.erb
@@ -0,0 +1 @@
+preferences_maverick.erb \ No newline at end of file
diff --git a/templates/Ubuntu/preferences_xenial.erb b/templates/Ubuntu/preferences_xenial.erb
new file mode 120000
index 0000000..3debe4f
--- /dev/null
+++ b/templates/Ubuntu/preferences_xenial.erb
@@ -0,0 +1 @@
+preferences_maverick.erb \ No newline at end of file
diff --git a/templates/Ubuntu/sources.list.erb b/templates/Ubuntu/sources.list.erb
index c1a6115..e6d2f64 100644
--- a/templates/Ubuntu/sources.list.erb
+++ b/templates/Ubuntu/sources.list.erb
@@ -1,26 +1,22 @@
# This file is managed by puppet
# all local modifications will be overwritten
-# basic <%= codename=scope.lookupvar('apt::codename') %>
+# basic <%= codename=scope.lookupvar('::ubuntu_codename') %>
deb <%= ubuntu_url=scope.lookupvar('apt::ubuntu_url') %> <%= codename %> <%= lrepos=scope.lookupvar('apt::real_repos') %>
<% if include_src=scope.lookupvar('apt::include_src') -%>
deb-src <%= ubuntu_url %> <%= codename %> <%= lrepos %>
<% end -%>
+<% if use_volatile=scope.lookupvar('apt::use_volatile') -%>
# updates
deb <%= ubuntu_url %> <%= codename %>-updates <%= lrepos %>
-<% if include_src -%>
+<% if include_src -%>
deb-src <%= ubuntu_url %> <%= codename %>-updates <%= lrepos %>
-<% end -%>
+<% end
+ end -%>
# security suppport
deb <%= ubuntu_url %> <%= codename %>-security <%= lrepos %>
<% if include_src -%>
deb-src <%= ubuntu_url %> <%= codename %>-security <%= lrepos %>
<% end -%>
-
-# backports
-deb <%= ubuntu_url %> <%= codename %>-backports main <%= lrepos %>
-<% if include_src -%>
-deb-src <%= ubuntu_url %> <%= codename %>-backports <%= lrepos %>
-<% end -%>
diff --git a/templates/preferences_snippet.erb b/templates/preferences_snippet.erb
index b7acaab..903e73d 100644
--- a/templates/preferences_snippet.erb
+++ b/templates/preferences_snippet.erb
@@ -1,4 +1,4 @@
-Package: <%= real_package %>
-Pin: <%= pin %>
-Pin-Priority: <%= priority %>
+Package: <%= @real_package %>
+Pin: <%= @pin %>
+Pin-Priority: <%= @priority %>
diff --git a/templates/preferences_snippet_release.erb b/templates/preferences_snippet_release.erb
index 845d23f..b95d3f8 100644
--- a/templates/preferences_snippet_release.erb
+++ b/templates/preferences_snippet_release.erb
@@ -1,4 +1,4 @@
-Package: <%= real_package %>
-Pin: release a=<%= release %>
-Pin-Priority: <%= priority %>
+Package: <%= @real_package %>
+Pin: release a=<%= @release %>
+Pin-Priority: <%= @priority %>