aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--README7
-rw-r--r--files/backports.org.key33
-rw-r--r--manifests/init.pp71
-rw-r--r--templates/sources.list.backports.erb8
-rw-r--r--templates/sources.list.erb6
5 files changed, 29 insertions, 96 deletions
diff --git a/README b/README
index e624bba..131ae1d 100644
--- a/README
+++ b/README
@@ -1,3 +1,4 @@
+
Overview
========
@@ -6,7 +7,7 @@ This module manages apt on Debian.
It keeps dpkg's and apt's databases as well as the keyrings for securing
package download current.
-backports.org is added and an archive key is provided[1].
+backports.debian.org is added.
dselect is switched to expert mode to suppress superfluous help screens.
@@ -138,7 +139,3 @@ Sometimes -- especially when initially starting management or deploying new
packages -- a immediate update is really needed to be able to install the right
packages without errors. Thus a method should be devised to be able to specify
with high fidelity when a update should be run and when it is not needed.
-
-
-
-[1] Of course, you should check the validity of _this_ key yourself.
diff --git a/files/backports.org.key b/files/backports.org.key
deleted file mode 100644
index 6e66404..0000000
--- a/files/backports.org.key
+++ /dev/null
@@ -1,33 +0,0 @@
------BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1.4.3 (GNU/Linux)
-
-mQGiBEMIgw4RBADueqAzlq+rQT9JYSSWnNzo6C+9crI8lzW/fcl2Q3PO97MOQTOx
-Qsf/lOh0Ku7O+VdBa+BwVPuUkSw6wTY5Ku1y/6r1BQzJ9oHkryDDJXsHzKhpdyFc
-/lD4hNGqRkiNg5ulwAI0O1eqffPWDmeR9ZzSsqM40f1U4TNLfPAu1viWxwCgnbWz
-onY6RqSYlRsDQaPsNTwieVEEAJeX2FGgNepD1SvfEremAkWCrYYlSZI76iTIf6bd
-kGkWqIT0vJyE2MNenhDJ2ebbHJVFmL9x8S3m1daC4Zwnacm7aoCY/QgMJ+Js1Fex
-Acev48W9KHgpVbFMd1t8KAwRbmFcQf0C/FZUbE7xScpTxS4z3SsMOuRyfnGpDOi6
-m/SnA/9wpquf3pPwbPykzKWNJEDouiJgt0zaFLauKDPeyTWeJ6htaAPDglArewdq
-bJ9M8QgLFtzjhg/fBQlRRUk7YP4OYtp1OdPkg2D/1rPQNySWlDf21T3N/K8ydKhR
-bYi+AsPuJLQUi3d+lVTFOebaL9felePvDC2/Eod7PSD1/rnkZ7Q0QmFja3BvcnRz
-Lm9yZyBBcmNoaXZlIEtleSA8ZnRwLW1hc3RlckBiYWNrcG9ydHMub3JnPohGBBAR
-AgAGBQJDgImkAAoJEHFe1qB+e4rJ2x4An2oI4xJpDvOx8uDIo9ihG1M0MpUqAJ9S
-cqVUmiyYSPtu8MwcZecy9kmOIYheBBMRAgAeBQJDCIMOAhsDBgsJCAcDAgMVAgMD
-FgIBAh4BAheAAAoJEOqOiyEWuhNsDt4AniaEBvlr4oVFMrGgPiye7iE/jv68AJ48
-OkIfwcKJt7N8ImPAboeimFvWgIheBBMRAgAeBQJDCIMOAhsDBgsJCAcDAgMVAgMD
-FgIBAh4BAheAAAoJEOqOiyEWuhNsDt4AnjdB14rGa/rzz1ohwsi1oEnDRYuyAJ44
-Nv8MTPjOaeEZArQ0flg8OXwF37kCDQRDCIMREAgAzXu6DGSDAz4JH+mlthtiQwNZ
-FU8bjWanGT3DL6zubxwc3ZQmRaMOiVuvJUuaJv8fdGRSvp09dP2/x5mzq2rACiEn
-DwZssNSK5sigxgy2W9zeO9bOtg6bhqZLwlsL8Y2xZhyGL3qGeP4zL1QbXZ1QdJuO
-90Xu7GWYS6Wsj+Y6dUsZFYvTZwSiLkEmgFUTxkNue3DQtZ/KNkwoKc+aqU+S7gDN
-StQDvTNtR6IV11KbKcY1iQ0B2bkh4zShWwloIr83V6huAhfH8GA7UW6saRJAof5D
-JWUb+PRmU2TAOOlyZoM4nMH+sFFDPOeG8fbecwlox5BRTMqcCB5ELbQXoVZT+wAD
-BQf/ffI9R53f9USQkhsSak+k82JjRo9hqKAvPwBv3fDhMYqX3XRmwgNeax2y6Ub0
-AQkDhIC6eJILP5hTb2gjpmYYP7YE/7F1h37lUg7dDYeyPQF54mUXPnIg3uQ/V9HB
-TY+ZW8rsVe1KRvPAuVFU77FfCvIFdLSXVi1HSUcGv9Y7Kk4Tkr7vzKshlcIp6zZr
-O0Y3t/+ekBwTTQqEoUylVYkCSt3z6bjpVWbepkL88rbqJnPueTATw9shjbFYaND8
-cXZox9tQmlOIZ6gDeH1YvFf7ObRLxULm7C6hwik6agtXWkNABVXSxM6MB4hcP9QC
-+FEhK6y/7wC3SyNRBuFujDG1aohJBBgRAgAJBQJDCIMRAhsMAAoJEOqOiyEWuhNs
-VVMAoJ1gbL0PHVf7yDwMjO3HuJBErxLdAJ4v9ojJnvJu2yUl4W586soBm+wsLg==
-=fBrI
------END PGP PUBLIC KEY BLOCK-----
diff --git a/manifests/init.pp b/manifests/init.pp
index 78ae6c5..98ec91c 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -36,7 +36,7 @@ class apt {
default: {
config_file { "/etc/apt/preferences":
content => $custom_preferences,
- alias => apt_config,
+ alias => "apt_config",
require => File["/etc/apt/sources.list"];
}
}
@@ -57,73 +57,40 @@ class apt {
'refresh_apt':
command => '/usr/bin/apt-get update && sleep 1',
refreshonly => true,
- subscribe => [ File["/etc/apt/sources.list"],
- File["/etc/apt/preferences"],
- File["/etc/apt/apt.conf.d"],
- Config_file[apt_config] ];
+ subscribe => [ File["/etc/apt/sources.list", "/etc/apt/preferences", "/etc/apt/apt.conf.d"],
+ Config_file["apt_config"] ];
'update_apt':
command => '/usr/bin/apt-get update && /usr/bin/apt-get autoclean',
- require => [ File["/etc/apt/sources.list"],
- File["/etc/apt/preferences"], Config_file[apt_config] ],
+ require => [ File["/etc/apt/sources.list", "/etc/apt/preferences"], Config_file["apt_config"] ],
loglevel => info,
# Another Semaphor for all packages to reference
- alias => apt_updated;
+ alias => "apt_updated";
}
## This package should really always be current
package { "debian-archive-keyring": ensure => latest }
+ # backports uses the normal archive key now
+ package { "debian-backports-keyring": ensure => absent }
- case $lsbdistcodename {
- etch: {
- package { "debian-backports-keyring": ensure => latest }
-
- # This key was downloaded from
- # http://backports.org/debian/archive.key
- # and is needed to bootstrap the backports trustpath
- file { "${apt_base_dir}/backports.org.key":
- source => "puppet:///modules/apt/backports.org.key",
- mode => 0444, owner => root, group => root,
- }
- exec { "/usr/bin/apt-key add ${apt_base_dir}/backports.org.key && apt-get update":
- alias => "backports_key",
- refreshonly => true,
- subscribe => File["${apt_base_dir}/backports.org.key"],
- before => [ File[apt_config], Package["debian-backports-keyring"] ]
- }
+ case $custom_key_dir {
+ '': {
+ exec { "/bin/true # no_custom_keydir": }
}
- lenny: {
- package { "debian-backports-keyring": ensure => latest }
-
- # This key was downloaded from
- # http://backports.org/debian/archive.key
- # and is needed to bootstrap the backports trustpath
- file { "${apt_base_dir}/backports.org.key":
- source => "puppet:///modules/apt/backports.org.key",
- mode => 0444, owner => root, group => root,
+ default: {
+ file { "${apt_base_dir}/keys.d":
+ source => "$custom_key_dir",
+ recurse => true,
+ mode => 0755, owner => root, group => root,
}
- exec { "/usr/bin/apt-key add ${apt_base_dir}/backports.org.key && apt-get update":
- alias => "backports_key",
+ exec { "find ${apt_base_dir}/keys.d -type f -exec apt-key add '{}' \\; && apt-get update":
+ alias => "custom_keys",
+ subscribe => File["${apt_base_dir}/keys.d"],
refreshonly => true,
- subscribe => File["${apt_base_dir}/backports.org.key"],
- before => [ Config_file[apt_config], Package["debian-backports-keyring"] ]
+ before => Config_file["apt_config"];
}
}
}
- if $custom_key_dir {
- file { "${apt_base_dir}/keys.d":
- source => "$custom_key_dir",
- recurse => true,
- mode => 0755, owner => root, group => root,
- }
- exec { "find ${apt_base_dir}/keys.d -type f -exec apt-key add '{}' \\; && apt-get update":
- alias => "custom_keys",
- subscribe => File["${apt_base_dir}/keys.d"],
- refreshonly => true,
- before => Config_file[apt_config];
- }
- }
-
# workaround for preseeded_package component
file { [ "/var/cache", "/var/cache/local", "/var/cache/local/preseeding" ]: ensure => directory }
}
diff --git a/templates/sources.list.backports.erb b/templates/sources.list.backports.erb
new file mode 100644
index 0000000..b271ca7
--- /dev/null
+++ b/templates/sources.list.backports.erb
@@ -0,0 +1,8 @@
+# This file is brought to you by puppet
+
+# backports
+<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%>
+# There are no backports for for <%= lsbdistcodename %>
+<% else -%>
+deb http://backports.debian.org/debian-backports/ <%= lsbdistcodename %>-backports main
+<% end -%>
diff --git a/templates/sources.list.erb b/templates/sources.list.erb
index 169d7b5..feb5603 100644
--- a/templates/sources.list.erb
+++ b/templates/sources.list.erb
@@ -9,9 +9,3 @@ deb http://ftp.debian.org/debian/ <%= lsbdistcodename %> main contrib non-free
deb http://security.debian.org/ <%= lsbdistcodename %>/updates main contrib non-free
<% end -%>
-# backports
-<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%>
-# There are no backports for for <%= lsbdistcodename %>
-<% else -%>
-deb http://www.backports.org/debian/ <%= lsbdistcodename %>-backports main
-<% end -%>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-05 03:00:54 +0000