aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--README22
-rw-r--r--files/50unattended-upgrades20
-rw-r--r--files/Debian/50unattended-upgrades (renamed from files/squeeze/50unattended-upgrades)0
-rw-r--r--files/Debian/50unattended-upgrades.lenny (renamed from files/lenny/50unattended-upgrades)0
-rw-r--r--files/Debian/50unattended-upgrades.squeeze13
-rw-r--r--files/Debian/50unattended-upgrades.wheezy15
-rw-r--r--files/Ubuntu/50unattended-upgrades16
-rw-r--r--manifests/init.pp7
-rw-r--r--manifests/params.pp1
-rw-r--r--manifests/unattended_upgrades.pp13
10 files changed, 65 insertions, 42 deletions
diff --git a/README b/README
index f241a19..35a88b2 100644
--- a/README
+++ b/README
@@ -129,18 +129,6 @@ pull in the templates/site_apt/sources.list file:
$custom_sources_list = template('site_apt/sources.list')
-$custom_key_dir
----------------
-
-If you have different apt-key files that you want to get added to your
-apt keyring, you can set this variable to a path in your fileserver
-where individual key files can be placed. If this is set and keys
-exist there, this module will 'apt-key add' each key.
-
-The debian-archive-keyring package is installed and kept current up to the
-latest revision (this includes the backports archive keyring).
-
-
Classes
=======
@@ -235,6 +223,16 @@ Class parameters:
include apt::dist_upgrade
class { 'apt': codename => 'wheezy', notify => Exec['apt_dist-upgrade'] }
+* custom_key_dir
+
+ If you have different apt-key files that you want to get added to your
+ apt keyring, you can set this variable to a path in your fileserver
+ where individual key files can be placed. If this is set and keys
+ exist there, this module will 'apt-key add' each key.
+
+ The debian-archive-keyring package is installed and kept current up to the
+ latest revision (this includes the backports archive keyring).
+
apt::apticron
-------------
diff --git a/files/50unattended-upgrades b/files/50unattended-upgrades
deleted file mode 100644
index ebf9f49..0000000
--- a/files/50unattended-upgrades
+++ /dev/null
@@ -1,20 +0,0 @@
-// this file is managed by puppet !
-
-Unattended-Upgrade::Origins-Pattern {
- // Debian
- "o=${distro_id},n=${distro_codename}";
- "o=${distro_id},n=${distro_codename}-updates";
- "o=${distro_id},n=${distro_codename},l=Debian-security";
- "o=${distro_id} Backports,n=${distro_codename}-backports";
- // Ubuntu specific
- "o=${distro_id},a=${distro_codename}-security";
- "o=${distro_id},a=${distro_codename}-backports";
- "o=${distro_id},a=${distro_codename}-proposed";
-};
-
-APT::Periodic::Update-Package-Lists "1";
-APT::Periodic::Download-Upgradeable-Packages "1";
-APT::Periodic::Unattended-Upgrade "1";
-
-Unattended-Upgrade::Mail "root";
-Unattended-Upgrade::MailOnlyOnError "true";
diff --git a/files/squeeze/50unattended-upgrades b/files/Debian/50unattended-upgrades
index 0901ad3..0901ad3 100644
--- a/files/squeeze/50unattended-upgrades
+++ b/files/Debian/50unattended-upgrades
diff --git a/files/lenny/50unattended-upgrades b/files/Debian/50unattended-upgrades.lenny
index d55bb29..d55bb29 100644
--- a/files/lenny/50unattended-upgrades
+++ b/files/Debian/50unattended-upgrades.lenny
diff --git a/files/Debian/50unattended-upgrades.squeeze b/files/Debian/50unattended-upgrades.squeeze
new file mode 100644
index 0000000..8f4a926
--- /dev/null
+++ b/files/Debian/50unattended-upgrades.squeeze
@@ -0,0 +1,13 @@
+// this file is managed by puppet !
+
+Unattended-Upgrade::Allowed-Origins {
+ "Debian oldstable";
+ "Debian-Security oldstable";
+ "${distro_id} ${distro_codename}-backports";
+};
+
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Download-Upgradeable-Packages "1";
+APT::Periodic::Unattended-Upgrade "1";
+
+Unattended-Upgrade::Mail "root";
diff --git a/files/Debian/50unattended-upgrades.wheezy b/files/Debian/50unattended-upgrades.wheezy
new file mode 100644
index 0000000..e787bf5
--- /dev/null
+++ b/files/Debian/50unattended-upgrades.wheezy
@@ -0,0 +1,15 @@
+// this file is managed by puppet !
+
+Unattended-Upgrade::Allowed-Origins {
+ "${distro_id}:stable";
+ "${distro_id}:${distro_codename}-security";
+ "${distro_id}:${distro_codename}-updates";
+ "${distro_id} Backports:${distro_codename}-backports";
+};
+
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Download-Upgradeable-Packages "1";
+APT::Periodic::Unattended-Upgrade "1";
+
+Unattended-Upgrade::Mail "root";
+Unattended-Upgrade::MailOnlyOnError "true";
diff --git a/files/Ubuntu/50unattended-upgrades b/files/Ubuntu/50unattended-upgrades
new file mode 100644
index 0000000..25c7758
--- /dev/null
+++ b/files/Ubuntu/50unattended-upgrades
@@ -0,0 +1,16 @@
+// this file is managed by puppet !
+
+Unattended-Upgrade::Allowed-Origins {
+ "${distro_id}:${distro_codename}-security";
+ "${distro_id}:${distro_codename}-updates";
+ "${distro_id}:${distro_codename}-backports";
+ //"${distro_id}:${distro_codename}-proposed";
+};
+
+
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Download-Upgradeable-Packages "1";
+APT::Periodic::Unattended-Upgrade "1";
+
+Unattended-Upgrade::Mail "root";
+Unattended-Upgrade::MailOnlyOnError "true";
diff --git a/manifests/init.pp b/manifests/init.pp
index faddf09..33eac37 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -15,7 +15,8 @@ class apt(
$ubuntu_url = $apt::params::ubuntu_url,
$repos = $apt::params::repos,
$custom_preferences = $apt::params::custom_preferences,
- $disable_update = $apt::params::disable_update
+ $disable_update = $apt::params::disable_update,
+ $custom_key_dir = $apt::params::custom_key_dir
) inherits apt::params {
case $::operatingsystem {
'debian': {
@@ -113,9 +114,9 @@ class apt(
$apt_base_dir = "${common::moduledir::module_dir_path}/apt"
modules_dir { 'apt': }
- if $::custom_key_dir {
+ if $custom_key_dir {
file { "${apt_base_dir}/keys.d":
- source => $::custom_key_dir,
+ source => $custom_key_dir,
recurse => true,
owner => root,
group => root,
diff --git a/manifests/params.pp b/manifests/params.pp
index b210ff6..12273ac 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -14,4 +14,5 @@ class apt::params () {
$repos = 'auto'
$custom_preferences = ''
$disable_update = false
+ $custom_key_dir = false
}
diff --git a/manifests/unattended_upgrades.pp b/manifests/unattended_upgrades.pp
index 3492e5f..17455fe 100644
--- a/manifests/unattended_upgrades.pp
+++ b/manifests/unattended_upgrades.pp
@@ -6,13 +6,12 @@ class apt::unattended_upgrades {
}
apt_conf { '50unattended-upgrades':
- source => [
- "puppet:///modules/site_apt/${::lsbdistcodename}/50unattended-upgrades",
- 'puppet:///modules/site_apt/50unattended-upgrades',
- "puppet:///modules/apt/${::lsbdistcodename}/50unattended-upgrades",
- 'puppet:///modules/apt/50unattended-upgrades' ],
- require => Package['unattended-upgrades'],
- refresh_apt => false
+ source => [
+ "puppet:///modules/site_apt/${::lsbdistid}/50unattended-upgrades.${::lsbdistcodename}",
+ "puppet:///modules/site_apt/${::lsbdistid}/50unattended-upgrades",
+ "puppet:///modules/apt/${::lsbdistid}/50unattended-upgrades.${::lsbdistcodename}",
+ "puppet:///modules/apt/${::lsbdistid}/50unattended-upgrades" ],
+ require => Package['unattended-upgrades'],
}
Apt_conf['50unattended-upgrades'] {