diff options
-rw-r--r-- | README | 22 | ||||
-rw-r--r-- | files/50unattended-upgrades | 20 | ||||
-rw-r--r-- | files/Debian/50unattended-upgrades (renamed from files/squeeze/50unattended-upgrades) | 0 | ||||
-rw-r--r-- | files/Debian/50unattended-upgrades.lenny (renamed from files/lenny/50unattended-upgrades) | 0 | ||||
-rw-r--r-- | files/Debian/50unattended-upgrades.squeeze | 13 | ||||
-rw-r--r-- | files/Debian/50unattended-upgrades.wheezy | 15 | ||||
-rw-r--r-- | files/Ubuntu/50unattended-upgrades | 16 | ||||
-rw-r--r-- | manifests/init.pp | 7 | ||||
-rw-r--r-- | manifests/params.pp | 1 | ||||
-rw-r--r-- | manifests/unattended_upgrades.pp | 13 |
10 files changed, 65 insertions, 42 deletions
@@ -129,18 +129,6 @@ pull in the templates/site_apt/sources.list file: $custom_sources_list = template('site_apt/sources.list') -$custom_key_dir ---------------- - -If you have different apt-key files that you want to get added to your -apt keyring, you can set this variable to a path in your fileserver -where individual key files can be placed. If this is set and keys -exist there, this module will 'apt-key add' each key. - -The debian-archive-keyring package is installed and kept current up to the -latest revision (this includes the backports archive keyring). - - Classes ======= @@ -235,6 +223,16 @@ Class parameters: include apt::dist_upgrade class { 'apt': codename => 'wheezy', notify => Exec['apt_dist-upgrade'] } +* custom_key_dir + + If you have different apt-key files that you want to get added to your + apt keyring, you can set this variable to a path in your fileserver + where individual key files can be placed. If this is set and keys + exist there, this module will 'apt-key add' each key. + + The debian-archive-keyring package is installed and kept current up to the + latest revision (this includes the backports archive keyring). + apt::apticron ------------- diff --git a/files/50unattended-upgrades b/files/50unattended-upgrades deleted file mode 100644 index ebf9f49..0000000 --- a/files/50unattended-upgrades +++ /dev/null @@ -1,20 +0,0 @@ -// this file is managed by puppet ! - -Unattended-Upgrade::Origins-Pattern { - // Debian - "o=${distro_id},n=${distro_codename}"; - "o=${distro_id},n=${distro_codename}-updates"; - "o=${distro_id},n=${distro_codename},l=Debian-security"; - "o=${distro_id} Backports,n=${distro_codename}-backports"; - // Ubuntu specific - "o=${distro_id},a=${distro_codename}-security"; - "o=${distro_id},a=${distro_codename}-backports"; - "o=${distro_id},a=${distro_codename}-proposed"; -}; - -APT::Periodic::Update-Package-Lists "1"; -APT::Periodic::Download-Upgradeable-Packages "1"; -APT::Periodic::Unattended-Upgrade "1"; - -Unattended-Upgrade::Mail "root"; -Unattended-Upgrade::MailOnlyOnError "true"; diff --git a/files/squeeze/50unattended-upgrades b/files/Debian/50unattended-upgrades index 0901ad3..0901ad3 100644 --- a/files/squeeze/50unattended-upgrades +++ b/files/Debian/50unattended-upgrades diff --git a/files/lenny/50unattended-upgrades b/files/Debian/50unattended-upgrades.lenny index d55bb29..d55bb29 100644 --- a/files/lenny/50unattended-upgrades +++ b/files/Debian/50unattended-upgrades.lenny diff --git a/files/Debian/50unattended-upgrades.squeeze b/files/Debian/50unattended-upgrades.squeeze new file mode 100644 index 0000000..8f4a926 --- /dev/null +++ b/files/Debian/50unattended-upgrades.squeeze @@ -0,0 +1,13 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "Debian oldstable"; + "Debian-Security oldstable"; + "${distro_id} ${distro_codename}-backports"; +}; + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + +Unattended-Upgrade::Mail "root"; diff --git a/files/Debian/50unattended-upgrades.wheezy b/files/Debian/50unattended-upgrades.wheezy new file mode 100644 index 0000000..e787bf5 --- /dev/null +++ b/files/Debian/50unattended-upgrades.wheezy @@ -0,0 +1,15 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "${distro_id}:stable"; + "${distro_id}:${distro_codename}-security"; + "${distro_id}:${distro_codename}-updates"; + "${distro_id} Backports:${distro_codename}-backports"; +}; + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + +Unattended-Upgrade::Mail "root"; +Unattended-Upgrade::MailOnlyOnError "true"; diff --git a/files/Ubuntu/50unattended-upgrades b/files/Ubuntu/50unattended-upgrades new file mode 100644 index 0000000..25c7758 --- /dev/null +++ b/files/Ubuntu/50unattended-upgrades @@ -0,0 +1,16 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "${distro_id}:${distro_codename}-security"; + "${distro_id}:${distro_codename}-updates"; + "${distro_id}:${distro_codename}-backports"; + //"${distro_id}:${distro_codename}-proposed"; +}; + + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + +Unattended-Upgrade::Mail "root"; +Unattended-Upgrade::MailOnlyOnError "true"; diff --git a/manifests/init.pp b/manifests/init.pp index faddf09..33eac37 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -15,7 +15,8 @@ class apt( $ubuntu_url = $apt::params::ubuntu_url, $repos = $apt::params::repos, $custom_preferences = $apt::params::custom_preferences, - $disable_update = $apt::params::disable_update + $disable_update = $apt::params::disable_update, + $custom_key_dir = $apt::params::custom_key_dir ) inherits apt::params { case $::operatingsystem { 'debian': { @@ -113,9 +114,9 @@ class apt( $apt_base_dir = "${common::moduledir::module_dir_path}/apt" modules_dir { 'apt': } - if $::custom_key_dir { + if $custom_key_dir { file { "${apt_base_dir}/keys.d": - source => $::custom_key_dir, + source => $custom_key_dir, recurse => true, owner => root, group => root, diff --git a/manifests/params.pp b/manifests/params.pp index b210ff6..12273ac 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -14,4 +14,5 @@ class apt::params () { $repos = 'auto' $custom_preferences = '' $disable_update = false + $custom_key_dir = false } diff --git a/manifests/unattended_upgrades.pp b/manifests/unattended_upgrades.pp index 3492e5f..17455fe 100644 --- a/manifests/unattended_upgrades.pp +++ b/manifests/unattended_upgrades.pp @@ -6,13 +6,12 @@ class apt::unattended_upgrades { } apt_conf { '50unattended-upgrades': - source => [ - "puppet:///modules/site_apt/${::lsbdistcodename}/50unattended-upgrades", - 'puppet:///modules/site_apt/50unattended-upgrades', - "puppet:///modules/apt/${::lsbdistcodename}/50unattended-upgrades", - 'puppet:///modules/apt/50unattended-upgrades' ], - require => Package['unattended-upgrades'], - refresh_apt => false + source => [ + "puppet:///modules/site_apt/${::lsbdistid}/50unattended-upgrades.${::lsbdistcodename}", + "puppet:///modules/site_apt/${::lsbdistid}/50unattended-upgrades", + "puppet:///modules/apt/${::lsbdistid}/50unattended-upgrades.${::lsbdistcodename}", + "puppet:///modules/apt/${::lsbdistid}/50unattended-upgrades" ], + require => Package['unattended-upgrades'], } Apt_conf['50unattended-upgrades'] { |