diff options
-rw-r--r-- | files/10periodic | 7 | ||||
-rw-r--r-- | files/lucid/50unattended-upgrades | 34 | ||||
-rw-r--r-- | manifests/unattended_upgrades.pp | 11 | ||||
-rw-r--r-- | templates/Ubuntu/sources.list.erb | 2 | ||||
-rw-r--r-- | templates/proxy.erb | 4 | ||||
-rw-r--r-- | templates/sources.list.volatile.erb | 8 |
6 files changed, 65 insertions, 1 deletions
diff --git a/files/10periodic b/files/10periodic new file mode 100644 index 0000000..6c06232 --- /dev/null +++ b/files/10periodic @@ -0,0 +1,7 @@ +// this file is managed by puppet ! +// +//See https://wiki.ubuntu.com/AutomaticUpdates for more details about this feature. +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::AutocleanInterval "7"; +APT::Periodic::Unattended-Upgrade "1"; diff --git a/files/lucid/50unattended-upgrades b/files/lucid/50unattended-upgrades new file mode 100644 index 0000000..9c22a64 --- /dev/null +++ b/files/lucid/50unattended-upgrades @@ -0,0 +1,34 @@ +// this file is managed by puppet ! +// +//See https://wiki.ubuntu.com/AutomaticUpdates for more details about this feature. + +// allowed (origin, archive) pairs +Unattended-Upgrade::Allowed-Origins { + "Ubuntu lucid-security"; + "Ubuntu lucid-updates"; +}; + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Unattended-Upgrade "1"; +Unattended-Upgrade::Mail "root"; +Unattended-Upgrade::MailOnlyOnError "true"; + +APT::UnattendedUpgrades::LogDir "/var/log/"; +APT::UnattendedUpgrades::LogFile "unattended_upgrades.log"; + +Unattended-Upgrade::Package-Blacklist { + // we don't want the kernel to be updated so nagios still can give a warning if there is + // a manual update (and reboot) left + + "linux-image-*"; + + // unfortunately there seems to be a bug in unattended-upgrades <= 0.62 that wildcards aren't recognized: + //2009-12-11 13:41:43,267 INFO Initial blacklisted packages: linux-image-* + //2009-12-11 13:41:43,267 INFO Starting unattended upgrades script + //2009-12-11 13:41:43,267 INFO Allowed origins are: ["['Debian', 'stable']", "['Debian-Security', 'stable']"] + //2009-12-11 13:41:45,233 INFO Packages that are upgraded: linux-image-2.6.26-2-amd64 + //2009-12-11 13:41:45,233 INFO Writing dpkg log to '/var/log/unattended-upgrades-dpkg_2009-12-11_13:41:45.233713.log' + //2009-12-11 13:42:11,988 INFO All upgrades installed + +}; + diff --git a/manifests/unattended_upgrades.pp b/manifests/unattended_upgrades.pp index 34d4d31..23d9bd7 100644 --- a/manifests/unattended_upgrades.pp +++ b/manifests/unattended_upgrades.pp @@ -18,4 +18,15 @@ class apt::unattended_upgrades { before => Concat[apt_config], } } + + if $operatingsystem == 'ubuntu' { + file { '/etc/apt/apt.conf.d/10periodic': + ensure => present, + owner => root, + group => root, + mode => 0644, + source => 'puppet:///modules/apt/10periodic', + require => Package['unattended-upgrades'], + } + } } diff --git a/templates/Ubuntu/sources.list.erb b/templates/Ubuntu/sources.list.erb index b5725f5..d356bd4 100644 --- a/templates/Ubuntu/sources.list.erb +++ b/templates/Ubuntu/sources.list.erb @@ -20,7 +20,7 @@ deb-src <%= ubuntu_url %> <%= lsbdistcodename %>-security <%= repos %> <% end -%> # backports -deb <%= ubuntu_url %> <%= lsbdistcodename %>-backports main <%= repos %> +deb <%= ubuntu_url %> <%= lsbdistcodename %>-backports <%= repos %> <% if include_src then -%> deb-src <%= ubuntu_url %> <%= lsbdistcodename %>-backports <%= repos %> <% end -%> diff --git a/templates/proxy.erb b/templates/proxy.erb new file mode 100644 index 0000000..01c9861 --- /dev/null +++ b/templates/proxy.erb @@ -0,0 +1,4 @@ +Acquire { +<% if apt_http_proxy != false %> HTTP::Proxy "<%= apt_http_proxy %>";<% end %> +<% if apt_ftp_proxy != false %> FTP::Proxy "<%= apt_ftp_proxy %>";<% end %> +}; diff --git a/templates/sources.list.volatile.erb b/templates/sources.list.volatile.erb new file mode 100644 index 0000000..cc9316b --- /dev/null +++ b/templates/sources.list.volatile.erb @@ -0,0 +1,8 @@ +# This file is brought to you by puppet + +# backports +<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%> +# There are no backports for for <%= lsbdistcodename %> +<% else -%> +deb http://volatile.debian.org/debian-volatile <%= lsbdistcodename %>/volatile main contrib non-free +<% end -%> |