diff options
36 files changed, 607 insertions, 565 deletions
@@ -15,11 +15,82 @@ prevent accidental upgrades. Ubuntu support is lagging behind but not absent either. +! Upgrade Notice ! + + * the apt class has been moved to a paramterized class. if you were including + this class before, after passing some variables, you will need to move to + instantiating the class with those variables instead. For example, if you + had the following in your manifests: + + $apt_debian_url = 'http://localhost:9999/debian/' + $apt_use_next_release = true + include apt + + you will need to remove the variables, and the include and instead do + the following: + + class { 'apt': debian_url => 'http://localhost:9999/debian/', use_next_release => true } + + previously, you could manually set $lsbdistcodename which would enable forced + upgrades, but because this is a top-level facter variable, and newer puppet + versions do not let you assign variables to other namespaces, this is no + longer possible. However, there is a way to obtain this functionality, and + that is to pass the 'codename' parameter to the apt class, which will change + the sources.list and preferences files to be the codename you set, allowing + you to trigger upgrades: + + include apt::dist_upgrade + class { 'apt': codename => 'wheezy', notify => Exec['apt_dist-upgrade'] } + + * the apticron class has been moved to a parameterized class. if you were + including this class before, you will need to move to instantiating the + class instead. For example, if you had the following in your manifests: + + $apticron_email = 'foo@example.com' + $apticron_notifynew = '1' + ... any $apticron_* variables + include apticron + + you will need to remove the variables, and the include and instead do the + following: + + class { 'apt::apticron': email => 'foo@example.com', notifynew => '1' } + + * the apt::listchanges class has been moved to a paramterized class. if you + were including this class before, after passing some variables, you will need + to move to instantiating the class with those variables instead. For example, + if you had the following in your manifests: + + $apt_listchanges_email = 'foo@example.com' + ... any $apt_listchanges_* variables + include apt::listchanges + + you will need to remove the variables, and the include and instead do the + following: + + class { 'apt::listchanges': email => 'foo@example.com' } + + * the apt::proxy_client class has been moved to a paramterized class. if you + were including this class before, after passing some variables, you will need + to move to instantiating the class with those variables instead. For example, + if you had the following in your manifests: + + $apt_proxy = 'http://proxy.domain' + $apt_proxy_port = 666 + include apt::proxy_client + + you will need to remove the variables, and the include and instead do the + following: + + class { 'apt::proxy_client': proxy => 'http://proxy.domain', port => '666' } + +Requirements +============ + This module needs: -- lsb-release installed +- the lsb module: git://labs.riseup.net/shared-lsb - the common module: git://labs.riseup.net/shared-common -- the concat module: git://labs.riseup.net/shared-concat By default, on normal hosts, this module sets the configuration option DSelect::Clean to 'auto'. On virtual servers, the value is set by default to @@ -45,13 +116,6 @@ site_apt/files/some.host.com/03clean_vserver) Variables ========= -$lsbdistcodename ----------------- - -Contains the codename ("etch", "lenny", ...) of the client's -release. While these values come from lsb-release by default, this -value can be set manually too, e.g. to enable forced upgrades. - $custom_sources_list -------------------- @@ -63,27 +127,7 @@ this variable to the content that you desire to use instead. For example, setting the following variable before including this class will pull in the templates/site_apt/sources.list file: - $custom_sources_list = template("site_apt/sources.list") - -$custom_preferences -------------------- - -Since Debian Lenny's version of APT doesn't support the use of the -preferences.d directory for putting fragments of 'preferences', this -module will manage a default generic apt/preferences file with more -recent releases pinned to very low values so that any package -installation will not accidentally pull in packages from those suites -unless you explicitly specify the version number. This file will be -complemented with all of the preferences_snippet calls (see below). - -If the default preferences template doesn't suit your needs, you can create a -template located in your site_apt module, and set $custom_preferences with the -content (eg. $custom_preferences = template('site_apt/preferences') ) - -Setting this variable to false before including this class will force the -apt/preferences file to be absent: - - $custom_preferences = false + $custom_sources_list = template('site_apt/sources.list') $custom_key_dir --------------- @@ -96,92 +140,122 @@ exist there, this module will 'apt-key add' each key. The debian-archive-keyring package is installed and kept current up to the latest revision (this includes the backports archive keyring). -$apt_proxy / $apt_proxy_port ----------------------------- -When you include the apt::proxy_client class in your nodes, you can set the -$apt_proxy variable to the URL of the proxy that will be used. -By default, the proxy will be queried on port 3142, but you can change the port -number by setting the $apt_proxy_port variable. +Classes +======= + +apt +--- -Here's an example of setting the proxy to 'http://proxy.domain' at port 666: +The apt class sets up most of the documented functionality. To use functionality +that is not enabled by default, you must set one of the following parameters. - $apt_proxy = 'http://proxy.domain' - $apt_proxy_port = 666 - include apt::proxy_client +Example usage: -$apt_volatile_enabled ------------------ + class { 'apt': use_next_release => true, debian_url => 'http://localhost:9999/debian/' } -If this variable is set to true the Debian Volatile sources (until -Lenny) or CODENAME-updates (such as squeeze-updates, supported since -Squeeze) are added. -By default this is false for backward compatibility with older -versions of this module. +Class parameters: -$apt_include_src ----------------- +* use_volatile -If this variable is set to true a deb-src source is added for every -added binary archive source. -By default this is false for backward compatibility with older -versions of this module. + If this variable is set to true the Debian Volatile sources (until + Lenny) or CODENAME-updates (such as squeeze-updates, supported since + Squeeze) are added. -$apt_use_next_release ---------------------- + By default this is false for backward compatibility with older + versions of this module. -If this variable is set to true the sources for the next Debian -release are added. The default pinning configuration pins it to very -low values. -By default this is false for backward compatibility with older -versions of this module. +* include_src -$apt_debian_url, $apt_security_url, $apt_backports_url, $apt_volatile_url -------------------------------------------------------------------------- + If this variable is set to true a deb-src source is added for every + added binary archive source. -These variables allow to override the default APT mirrors respectively -used for the standard Debian archives, the Debian security archive, -the Debian official backports and the Debian Volatile archive. + By default this is false for backward compatibility with older + versions of this module. -$apt_ubuntu_url ---------------- +* use_next_release -These variables allows to override the default APT mirror used for all -standard Ubuntu archives (including updates, security, backports). + If this variable is set to true the sources for the next Debian + release are added. The default pinning configuration pins it to very + low values. -$apt_repos ----------- + By default this is false for backward compatibility with older + versions of this module. -If this variable is set the default repositories list ("main contrib non-free") -is overriden. +* debian_url, security_url, backports_url, volatile_url -Classes -======= + These variables allow to override the default APT mirrors respectively + used for the standard Debian archives, the Debian security archive, + the Debian official backports and the Debian Volatile archive. -apt ---- +* ubuntu_url + + These variables allows to override the default APT mirror used for all + standard Ubuntu archives (including updates, security, backports). -The apt class sets up most of the documented functionality. To use -functionality that is not enabled by default, you must include one of -the following classes. +* repos + + If this variable is set the default repositories list ("main contrib non-free") + is overriden. + +* disable_update + + Disable "apt-get update" which is normally triggered by apt::upgrade_package + and apt::dist_upgrade. + + Note that nodes can be updated once a day by using + APT::Periodic::Update-Package-Lists "1"; + in i.e. /etc/apt/apt.conf.d/80_apt_update_daily. + +* custom_preferences + + Since Debian Lenny's version of APT doesn't support the use of the + preferences.d directory for putting fragments of 'preferences', this + module will manage a default generic apt/preferences file with more + recent releases pinned to very low values so that any package + installation will not accidentally pull in packages from those suites + unless you explicitly specify the version number. This file will be + complemented with all of the preferences_snippet calls (see below). + + If the default preferences template doesn't suit your needs, you can create a + template located in your site_apt module, and set custom_preferences with the + content (eg. custom_preferences => template('site_apt/preferences') ) + + Setting this variable to false before including this class will force the + apt/preferences file to be absent: + + class { 'apt': custom_preferences => false } + +* codename + + Contains the codename ("squeeze", "wheezy", ...) of the client's release. While + these values come from lsb-release by default, this parameter can be set + manually, e.g. to enable forced upgrades. For example: + + include apt::dist_upgrade + class { 'apt': codename => 'wheezy', notify => Exec['apt_dist-upgrade'] } apt::apticron ------------- -When you include this class, apticron will be installed, with the following -defaults, which you are free to change before you include the class: - - $apticron_ensure_version = "present" - $apticron_email = "root" - $apticron_config = "apt/${operatingsystem}/apticron_${lsbrelease}.erb" - $apticron_diff_only = "1" - $apticron_listchanges_profile = "apticron" - $apticron_system = false - $apticron_ipaddressnum = false - $apticron_ipaddresses = false - $apticron_notifyholds = "0" - $apticron_notifynew = "0" - $apticron_customsubject = "" +When you instantiate this class, apticron will be installed, with the following +defaults, which you are free to change: + + $ensure_version = 'installed', + $config = "apt/${::operatingsystem}/apticron_${::lsbdistcodename}.erb", + $email = 'root', + $diff_only = '1', + $listchanges_profile = 'apticron', + $system = false, + $ipaddressnum = false, + $ipaddresses = false, + $notifyholds = '0', + $notifynew = '0', + $customsubject = '' + +Example usage: + + class { 'apt::apticron': email => 'foo@example.com', notifynew => '1' } apt::cron::download ------------------- @@ -194,7 +268,7 @@ $apt_cron_hours variable before you include the class: its value will be passed as the "hours" parameter of a cronjob. Example: # Run cron-apt every three hours - $apt_cron_hours = "*/3" + $apt_cron_hours = '*/3' Note that the default 4 AM cronjob won't be disabled. @@ -230,9 +304,9 @@ file's content changes. The initiator file is copied from the first available source amongst the following ones, in decreasing priority order: -- puppet:///site_apt/${fqdn}/upgrade_initiator -- puppet:///site_apt/upgrade_initiator -- puppet:///apt/upgrade_initiator +- puppet:///modules/site_apt/${::fqdn}/upgrade_initiator +- puppet:///modules/site_apt/upgrade_initiator +- puppet:///modules/apt/upgrade_initiator This is useful when one does not want to setup a fully automated upgrade process but still needs a way to manually trigger full @@ -254,22 +328,33 @@ suppress superfluous help screens. apt::listchanges ---------------- -This class, when included, installs apt-listchanges and configures it using the -following variables, the defaults are below: +This class, when instantiated, installs apt-listchanges and configures it using +the following parameterized variables, which can be changed: - $apt_listchanges_version = "present" - $apt_listchanges_config = "apt/${operatingsystem}/listchanges_${lsbrelease}.erb" - $apt_listchanges_frontend = "pager" - $apt_listchanges_email = "root" - $apt_listchanges_confirm = "0" - $apt_listchanges_saveseen = "/var/lib/apt/listchanges.db" - $apt_listchanges_which = "both" + version = 'present' + config = "apt/${::operatingsystem}/listchanges_${::lsbrelease}.erb" + frontend = 'pager' + email = 'root' + confirm = 0 + saveseen = '/var/lib/apt/listchanges.db' + which = 'both' + Example usage: + class { 'apt::listchanges': email => 'foo@example.com' } + apt::proxy_client ----------------- This class adds the right configuration to apt to make it fetch packages via a -proxy. The variables $apt_proxy and $apt_proxy_port need to be set (see above). +proxy. The class parameters apt_proxy and apt_proxy_port need to be set: + +You can set the 'proxy' class parameter variable to the URL of the proxy that +will be used. By default, the proxy will be queried on port 3142, but you can +change the port number by setting the 'port' class parameter. + +Example: + + class { 'apt::proxy_client': proxy => 'http://proxy.domain', port => '666' } apt::reboot_required_notify --------------------------- @@ -297,43 +382,54 @@ meta-parameter to define content inline or with the help of a template. Example: - apt::apt_conf { "80download-only": - source => "puppet:///modules/site_apt/80download-only", + apt::apt_conf { '80download-only': + source => 'puppet:///modules/site_apt/80download-only', } apt::preferences_snippet ------------------------ -A way to add pinning information to /etc/apt/preferences +A way to add pinning information to files in /etc/apt/preferences.d/ Example: - apt::preferences_snippet{ + apt::preferences_snippet { 'irssi-plugin-otr': - release => 'lenny-backports', + release => 'squeeze-backports', priority => 999; } - apt::preferences_snippet{ + apt::preferences_snippet { 'unstable_fallback': package => '*', release => 'unstable', priority => 1; } - apt::preferences_snippet{ + apt::preferences_snippet { 'ttdnsd': pin => 'origin deb.torproject.org', priority => 999; } +The names of the resources will be used as the names of the files in the +preferences.d directory, so you should ensure that resource names follow the +prescribed naming scheme. + +From apt_preferences(5): + Note that the files in the /etc/apt/preferences.d directory are parsed in + alphanumeric ascending order and need to obey the following naming + convention: The files have no or "pref" as filename extension and which + only contain alphanumeric, hyphen (-), underscore (_) and period (.) + characters - otherwise they will be silently ignored. + apt::preseeded_package ---------------------- This simplifies installation of packages for which you wish to preseed the answers to debconf. For example, if you wish to provide a preseed file for the locales package, you would place the locales.seed file in -'site_apt/templates/$lsbdistcodename/locales.seeds' and then include the +'site_apt/templates/${::lsbdistcodename}/locales.seeds' and then include the following in your manifest: apt::preseeded_package { locales: } @@ -341,12 +437,12 @@ following in your manifest: You can also specify the content of the seed via the content parameter, for example: - apt::preseeded_package { "apticron": - content => "apticron apticron/notification string root@example.com", + apt::preseeded_package { 'apticron': + content => 'apticron apticron/notification string root@example.com', } apt::sources_list -------------- +----------------- Creates a file in the apt/sources.list.d directory to easily add additional apt sources. One can use either the 'source' meta-parameter to specify a list of @@ -355,9 +451,9 @@ meta-parameter to define content inline or with the help of a template. Example: - apt::sources_list { "company_internals.list": - source => ["puppet:///modules/site_apt/${fqdn}/company_internals.list", - "puppet:///modules/site_apt/company_internals.list"], + apt::sources_list { 'company_internals.list': + source => [ "puppet:///modules/site_apt/${::fqdn}/company_internals.list", + 'puppet:///modules/site_apt/company_internals.list' ], } apt::upgrade_package @@ -373,23 +469,23 @@ For example, the following upgrades the perl package to version 5.8.8-7etch1 (if it is installed), it also upgrades the syslog-ng and perl-modules packages to their latest (also, only if they are installed): -upgrade_package { "perl": +upgrade_package { 'perl': version => '5.8.8-7etch1'; - "syslog-ng": + 'syslog-ng': version => latest; - "perl-modules": + 'perl-modules': } Resources ========= -Concat[apt_config] +File['apt_config'] ------------------ Use this resource to depend on or add to a completed apt configuration -Exec[apt_updated] ------------------ +Exec['apt_updated'] +------------------- After this point the APT indexes are up-to-date. @@ -397,7 +493,7 @@ This resource is usually used like this to ensure current packages are installed by Package resources: include apt::update - Package { require => Exec[apt_updated] } + Package { require => Exec['apt_updated'] } Please note that the apt::upgrade_package define automatically uses this resource so you don't have to manage this yourself if you need to diff --git a/files/50unattended-upgrades b/files/50unattended-upgrades index 46fc0dc..ebf9f49 100644 --- a/files/50unattended-upgrades +++ b/files/50unattended-upgrades @@ -1,58 +1,20 @@ // this file is managed by puppet ! -// -//See https://wiki.ubuntu.com/AutomaticUpdates for more details about this feature. -// allowed (origin, archive) pairs -Unattended-Upgrade::Allowed-Origins { - "Debian stable"; - "Debian-Security stable"; -// "Debian testing"; +Unattended-Upgrade::Origins-Pattern { + // Debian + "o=${distro_id},n=${distro_codename}"; + "o=${distro_id},n=${distro_codename}-updates"; + "o=${distro_id},n=${distro_codename},l=Debian-security"; + "o=${distro_id} Backports,n=${distro_codename}-backports"; + // Ubuntu specific + "o=${distro_id},a=${distro_codename}-security"; + "o=${distro_id},a=${distro_codename}-backports"; + "o=${distro_id},a=${distro_codename}-proposed"; }; APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; APT::Periodic::Unattended-Upgrade "1"; + Unattended-Upgrade::Mail "root"; Unattended-Upgrade::MailOnlyOnError "true"; - -APT::UnattendedUpgrades::LogDir "/var/log/"; -APT::UnattendedUpgrades::LogFile "unattended_upgrades.log"; - -Unattended-Upgrade::Package-Blacklist { - // we don't want the kernel to be updated so nagios still can give a warning if there is - // a manual update (and reboot) left - - "linux-image-*"; - - // unfortunately there seems to be a bug in unattended-upgrades <= 0.62 that wildcards aren't recognized: - //2009-12-11 13:41:43,267 INFO Initial blacklisted packages: linux-image-* - //2009-12-11 13:41:43,267 INFO Starting unattended upgrades script - //2009-12-11 13:41:43,267 INFO Allowed origins are: ["['Debian', 'stable']", "['Debian-Security', 'stable']"] - //2009-12-11 13:41:45,233 INFO Packages that are upgraded: linux-image-2.6.26-2-amd64 - //2009-12-11 13:41:45,233 INFO Writing dpkg log to '/var/log/unattended-upgrades-dpkg_2009-12-11_13:41:45.233713.log' - //2009-12-11 13:42:11,988 INFO All upgrades installed - - // lenny - "linux-image-2.6.26-1-686"; - "linux-image-2.6.26-1-amd64"; - "linux-image-2.6.26-1-xen-686"; - "linux-image-2.6.26-1-xen-amd64"; - "linux-image-2.6.26-1-vserver-686"; - "linux-image-2.6.26-1-vserver-amd64"; - - "linux-image-2.6.26-2-686"; - "linux-image-2.6.26-2-amd64"; - "linux-image-2.6.26-2-xen-686"; - "linux-image-2.6.26-2-xen-amd64"; - "linux-image-2.6.26-2-vserver-686"; - "linux-image-2.6.26-2-vserver-amd64"; - - // squeeze - "linux-image-2.6.32-5-686"; - "linux-image-2.6.32-5-amd64"; - "linux-image-2.6.32-5-xen-686"; - "linux-image-2.6.32-5-xen-amd64"; - "linux-image-2.6.32-5-vserver-686"; - "linux-image-2.6.32-5-vserver-amd64"; - -}; - diff --git a/files/lenny/50unattended-upgrades b/files/lenny/50unattended-upgrades new file mode 100644 index 0000000..d55bb29 --- /dev/null +++ b/files/lenny/50unattended-upgrades @@ -0,0 +1,13 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "Debian oldstable"; + "Debian-Security oldstable"; +}; + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + +Unattended-Upgrade::Mail "root"; + diff --git a/files/squeeze/50unattended-upgrades b/files/squeeze/50unattended-upgrades new file mode 100644 index 0000000..0901ad3 --- /dev/null +++ b/files/squeeze/50unattended-upgrades @@ -0,0 +1,14 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "${distro_id}:stable"; + "${distro_id}:${distro_codename}-security"; + "${distro_id}:${distro_codename}-updates"; + "${distro_id} Backports:${distro_codename}-backports"; +}; + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + +Unattended-Upgrade::Mail "root"; diff --git a/manifests/apt_conf.pp b/manifests/apt_conf.pp index fe07546..d78fb9b 100644 --- a/manifests/apt_conf.pp +++ b/manifests/apt_conf.pp @@ -19,8 +19,10 @@ define apt::apt_conf( # apparently doesn't. file { "/etc/apt/apt.conf.d/${name}": ensure => $ensure, - owner => root, group => 0, mode => 0644, - notify => Exec["refresh_apt"], + owner => root, + group => 0, + mode => '0644', + notify => Exec['refresh_apt'], } if $source { diff --git a/manifests/apticron.pp b/manifests/apticron.pp index 2fe8e44..54d7b71 100644 --- a/manifests/apticron.pp +++ b/manifests/apticron.pp @@ -1,54 +1,24 @@ -class apt::apticron { - - case $apticron_ensure_version { - '': { $apticron_ensure_version = "present" } - } - - case $apticron_config { - '': { $apticron_config = "apt/${operatingsystem}/apticron_${lsbdistcodename}.erb" } - } - - case $apticron_email { - '': { $apticron_email = "root" } - } - - case $apticron_diff_only { - '': { $apticron_diff_only = "1" } - } - - case $apticron_listchanges_profile { - '': { $apticron_listchanges_profile = "apticron" } - } - - case $apticron_system { - '': { $apticron_system = false } - } - - case $apticron_ipaddressnum { - '': { $apticron_ipaddressnum = false } - } - - case $apticron_ipaddresses { - '': { $apticron_ipaddresses = false } - } - - case $apticron_notifyholds { - '': { $apticron_notifyholds = "0" } - } - - case $apticron_notifynew { - '': { $apticron_notifynew = "0" } - } - - case $apticron_customsubject { - '': { $apticron_customsubject = "" } - } - - package { apticron: ensure => $apticron_ensure_version } - - file { "/etc/apticron/apticron.conf": - content => template($apticron_config), - mode => 0644, owner => root, group => root, - require => Package["apticron"]; +class apt::apticron( + $ensure_version = 'installed', + $config = "apt/${::operatingsystem}/apticron_${::lsbdistcodename}.erb", + $email = 'root', + $diff_only = '1', + $listchanges_profile = 'apticron', + $system = false, + $ipaddressnum = false, + $ipaddresses = false, + $notifyholds = '0', + $notifynew = '0', + $customsubject = '' +) { + + package { 'apticron': ensure => $ensure_version } + + file { '/etc/apticron/apticron.conf': + content => template($apt::apticron::config), + owner => root, + group => root, + mode => '0644', + require => Package['apticron']; } } diff --git a/manifests/cron/base.pp b/manifests/cron/base.pp index 7ccfce6..39fc306 100644 --- a/manifests/cron/base.pp +++ b/manifests/cron/base.pp @@ -1,6 +1,6 @@ class apt::cron::base { - package { cron-apt: ensure => installed } + package { 'cron-apt': ensure => installed } case $apt_cron_hours { '': {} diff --git a/manifests/cron/dist_upgrade.pp b/manifests/cron/dist_upgrade.pp index 1c8adb1..74403bb 100644 --- a/manifests/cron/dist_upgrade.pp +++ b/manifests/cron/dist_upgrade.pp @@ -4,20 +4,26 @@ class apt::cron::dist_upgrade inherits apt::cron::base { dist-upgrade -y -o APT::Get::Show-Upgraded=true -o 'DPkg::Options::=--force-confold' " - file { "/etc/cron-apt/action.d/3-download": + file { '/etc/cron-apt/action.d/3-download': ensure => absent, } - package { "apt-listbugs": ensure => absent } + package { 'apt-listbugs': ensure => absent } - config_file { "/etc/cron-apt/action.d/4-dist-upgrade": + file { '/etc/cron-apt/action.d/4-dist-upgrade': content => $action, - require => Package[cron-apt] + owner => root, + group => 0, + mode => '0644', + require => Package[cron-apt]; } - config_file { "/etc/cron-apt/config.d/MAILON": + file { '/etc/cron-apt/config.d/MAILON': content => "MAILON=upgrade\n", - require => Package[cron-apt] + owner => root, + group => 0, + mode => '0644', + require => Package[cron-apt]; } } diff --git a/manifests/cron/download.pp b/manifests/cron/download.pp index a27967d..4a19fec 100644 --- a/manifests/cron/download.pp +++ b/manifests/cron/download.pp @@ -3,19 +3,25 @@ class apt::cron::download inherits apt::cron::base { $action = "autoclean -y dist-upgrade -d -y -o APT::Get::Show-Upgraded=true " - - file { "/etc/cron-apt/action.d/4-dist-upgrade": + + file { '/etc/cron-apt/action.d/4-dist-upgrade': ensure => absent, } - config_file { "/etc/cron-apt/action.d/3-download": + file { '/etc/cron-apt/action.d/3-download': content => $action, - require => Package[cron-apt] + require => Package[cron-apt], + owner => root, + group => 0, + mode => '0644'; } - config_file { "/etc/cron-apt/config.d/MAILON": + file { '/etc/cron-apt/config.d/MAILON': content => "MAILON=changes\n", - require => Package[cron-apt] + require => Package[cron-apt], + owner => root, + group => 0, + mode => '0644'; } } diff --git a/manifests/dist_upgrade.pp b/manifests/dist_upgrade.pp index 9e26769..bf78dcc 100644 --- a/manifests/dist_upgrade.pp +++ b/manifests/dist_upgrade.pp @@ -1,11 +1,18 @@ class apt::dist_upgrade { - include apt::update + if $apt::disable_update == false { + include apt::update + } + + $req = $apt::disable_update ? { + true => undef, + default => Exec['apt_updated'], + } exec { 'apt_dist-upgrade': - command => "/usr/bin/apt-get -q -y -o 'DPkg::Options::=--force-confold' dist-upgrade", + command => '/usr/bin/apt-get -q -y -o \'DPkg::Options::=--force-confold\' dist-upgrade', refreshonly => true, - require => Exec['apt_updated'], + require => $req } } diff --git a/manifests/dist_upgrade/initiator.pp b/manifests/dist_upgrade/initiator.pp index 571cd51..d238988 100644 --- a/manifests/dist_upgrade/initiator.pp +++ b/manifests/dist_upgrade/initiator.pp @@ -4,15 +4,15 @@ class apt::dist_upgrade::initiator inherits apt::dist_upgrade { $initiator_abs = "${apt::apt_base_dir}/${initiator}" file { 'apt_upgrade_initiator': - mode => 0644, + mode => '0644', owner => root, group => 0, - path => "${initiator_abs}", + path => $initiator_abs, checksum => md5, source => [ - "puppet:///modules/site_apt/${fqdn}/${initiator}", - "puppet:///modules/site_apt/${initiator}", - "puppet:///modules/apt/${initiator}", + "puppet:///modules/site_apt/${::fqdn}/${initiator}", + "puppet:///modules/site_apt/${initiator}", + "puppet:///modules/apt/${initiator}", ], } diff --git a/manifests/dot_d_directories.pp b/manifests/dot_d_directories.pp index 742aad4..37c3fc8 100644 --- a/manifests/dot_d_directories.pp +++ b/manifests/dot_d_directories.pp @@ -2,20 +2,20 @@ class apt::dot_d_directories { # watch .d directories and ensure they are present file { - "/etc/apt/apt.conf.d": - ensure => directory, + '/etc/apt/apt.conf.d': + ensure => directory, checksum => mtime, - notify => Exec['refresh_apt']; - "/etc/apt/sources.list.d": - ensure => directory, + notify => Exec['refresh_apt']; + '/etc/apt/sources.list.d': + ensure => directory, checksum => mtime, - notify => Exec['refresh_apt']; + notify => Exec['refresh_apt']; } exec { # "&& sleep 1" is workaround for older(?) clients 'refresh_apt': - command => '/usr/bin/apt-get update && sleep 1', + command => '/usr/bin/apt-get update && sleep 1', refreshonly => true, } diff --git a/manifests/dselect.pp b/manifests/dselect.pp index 44f0e19..6feeb9f 100644 --- a/manifests/dselect.pp +++ b/manifests/dselect.pp @@ -1,10 +1,10 @@ class apt::dselect { # suppress annoying help texts of dselect - line { dselect_expert: - file => "/etc/dpkg/dselect.cfg", - line => "expert", + line { 'dselect_expert': + file => '/etc/dpkg/dselect.cfg', + line => 'expert', } - package { dselect: ensure => installed } + package { 'dselect': ensure => installed } } diff --git a/manifests/init.pp b/manifests/init.pp index 2ae691f..020c1cc 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -3,73 +3,48 @@ # Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at> # See LICENSE for the full license granted to you. -class apt { - - $use_volatile = $apt_volatile_enabled ? { - '' => false, - default => $apt_volatile_enabled, - } - - $include_src = $apt_include_src ? { - '' => false, - default => $apt_include_src, - } - - $use_next_release = $apt_use_next_release ? { - '' => false, - default => $apt_use_next_release, - } - - $debian_url = $apt_debian_url ? { - '' => 'http://cdn.debian.net/debian/', - default => "${apt_debian_url}", - } - $security_url = $apt_security_url ? { - '' => 'http://security.debian.org/', - default => "${apt_security_url}", - } - $backports_url = $apt_backports_url ? { - '' => 'http://backports.debian.org/debian-backports/', - default => "${apt_backports_url}", - } - $volatile_url = $apt_volatile_url ? { - '' => 'http://volatile.debian.org/debian-volatile/', - default => "${apt_volatile_url}", - } - $ubuntu_url = $apt_ubuntu_url ? { - '' => 'http://archive.ubuntu.com/ubuntu', - default => "${apt_ubuntu_url}", - } - case $operatingsystem { +class apt( + $codename = $::lsbdistcodename, + $use_volatile = false, + $include_src = false, + $use_next_release = false, + $debian_url = 'http://http.debian.net/debian/', + $security_url = 'http://security.debian.org/', + $backports_url = 'http://backports.debian.org/debian-backports/', + $volatile_url = 'http://volatile.debian.org/debian-volatile/', + $ubuntu_url = 'http://archive.ubuntu.com/ubuntu', + $repos = 'auto', + $custom_preferences = '', + $disable_update = false +){ + case $::operatingsystem { 'debian': { - $repos = $apt_repos ? { - '' => 'main contrib non-free', - default => "${apt_repos}", + $real_repos = $repos ? { + 'auto' => 'main contrib non-free', + default => $repos, } } 'ubuntu': { - $repos = $apt_repos ? { + $real_repos = $repos ? { '' => 'main restricted universe multiverse', - default => "${apt_repos}", + default => $repos, } } } - package { apt: - ensure => installed, + package { 'apt': + ensure => installed, require => undef, } include lsb - # init $release, $next_release, $codename, $next_codename, $release_version - case $lsbdistcodename { - '': { - $codename = $lsbdistcodename - $release = $lsbdistrelease + # init $release, $next_release, $next_codename, $release_version + case $codename { + 'n/a': { + fail("Unknown lsbdistcodename reported by facter: '$::lsbdistcodename', please fix this by setting this variable in your manifest.") } default: { - $codename = $lsbdistcodename $release = debian_release($codename) } } @@ -77,40 +52,44 @@ class apt { $next_codename = debian_nextcodename($codename) $next_release = debian_nextrelease($release) - config_file { + $sources_content = $::custom_sources_list ? { + '' => template( "apt/${::operatingsystem}/sources.list.erb"), + default => $::custom_sources_list + } + file { # include main, security and backports # additional sources should be included via the apt::sources_list define - "/etc/apt/sources.list": - content => $custom_sources_list ? { - '' => template( "apt/$operatingsystem/sources.list.erb"), - default => $custom_sources_list - }, + '/etc/apt/sources.list': + content => $sources_content, require => Package['lsb'], - notify => Exec['refresh_apt'], + notify => Exec['refresh_apt'], + owner => root, + group => 0, + mode => '0644'; } - apt_conf { "02show_upgraded": - source => [ "puppet:///modules/site_apt/${fqdn}/02show_upgraded", - "puppet:///modules/site_apt/02show_upgraded", - "puppet:///modules/apt/02show_upgraded" ] + apt_conf { '02show_upgraded': + source => [ "puppet:///modules/site_apt/${::fqdn}/02show_upgraded", + 'puppet:///modules/site_apt/02show_upgraded', + 'puppet:///modules/apt/02show_upgraded' ] } - if ( $virtual == "vserver" ) { - apt_conf { "03clean_vserver": - source => [ "puppet:///modules/site_apt/${fqdn}/03clean_vserver", - "puppet:///modules/site_apt/03clean_vserver", - "puppet:///modules/apt/03clean_vserver" ], - alias => "03clean"; + if ( $::virtual == 'vserver' ) { + apt_conf { '03clean_vserver': + source => [ "puppet:///modules/site_apt/${::fqdn}/03clean_vserver", + 'puppet:///modules/site_apt/03clean_vserver', + 'puppet:///modules/apt/03clean_vserver' ], + alias => '03clean'; } } else { - apt_conf { "03clean": - source => [ "puppet:///modules/site_apt/${fqdn}/03clean", - "puppet:///modules/site_apt/03clean", - "puppet:///modules/apt/03clean" ] + apt_conf { '03clean': + source => [ "puppet:///modules/site_apt/${::fqdn}/03clean", + 'puppet:///modules/site_apt/03clean', + 'puppet:///modules/apt/03clean' ] } } - + case $custom_preferences { false: { include apt::preferences::absent @@ -122,43 +101,38 @@ class apt { } } - # backward compatibility: upgrade from previous versions of this module. - file { - [ "/etc/apt/apt.conf.d/from_puppet", "/etc/apt/apt.conf.d/99from_puppet" ]: - ensure => 'absent', - require => [ Apt_conf['02show_upgraded'], Apt_conf['03clean'] ]; - } - include apt::dot_d_directories ## This package should really always be current - package { "debian-archive-keyring": ensure => latest } + package { 'debian-archive-keyring': ensure => latest } # backports uses the normal archive key now - package { "debian-backports-keyring": ensure => absent } + package { 'debian-backports-keyring': ensure => absent } include common::moduledir $apt_base_dir = "${common::moduledir::module_dir_path}/apt" - modules_dir { apt: } + modules_dir { 'apt': } - if $custom_key_dir { + if $::custom_key_dir { file { "${apt_base_dir}/keys.d": - source => "$custom_key_dir", + source => $::custom_key_dir, recurse => true, - mode => 0755, owner => root, group => root, + owner => root, + group => root, + mode => '0755', } - exec { "custom_keys": - command => "find ${apt_base_dir}/keys.d -type f -exec apt-key add '{}' \\; && /usr/bin/apt-get update", - subscribe => File["${apt_base_dir}/keys.d"], + exec { 'custom_keys': + command => "find ${apt_base_dir}/keys.d -type f -exec apt-key add '{}' \\; && /usr/bin/apt-get update", + subscribe => File["${apt_base_dir}/keys.d"], refreshonly => true, } if $custom_preferences != false { - Exec["custom_keys"] { - before => Concat[apt_config], + Exec['custom_keys'] { + before => File['apt_config'], } } } # workaround for preseeded_package component - file { [ "/var/cache", "/var/cache/local", "/var/cache/local/preseeding" ]: ensure => directory } + file { [ '/var/cache', '/var/cache/local', '/var/cache/local/preseeding' ]: ensure => directory } } diff --git a/manifests/listchanges.pp b/manifests/listchanges.pp index 038d5c9..0c163ae 100644 --- a/manifests/listchanges.pp +++ b/manifests/listchanges.pp @@ -1,38 +1,19 @@ -class apt::listchanges { - - case $apt_listchanges_version { - '': { $apt_listchanges_version = "present" } - } - - case $apt_listchanges_config { - '': { $apt_listchanges_config = "apt/${operatingsystem}/listchanges_${lsbdistcodename}.erb" } - } - - case $apt_listchanges_frontend { - '': { $apt_listchanges_frontend = "mail" } - } - - case $apt_listchanges_email { - '': { $apt_listchanges_email = "root" } - } - - case $apt_listchanges_confirm { - '': { $apt_listchanges_confirm = "0" } - } - - case $apt_listchanges_saveseen { - '': { $apt_listchanges_saveseen = "/var/lib/apt/listchanges.db" } - } - - case $apt_listchanges_which { - '': { $apt_listchanges_which = "both" } - } - - package { apt-listchanges: ensure => $apt_listchanges_ensure_version } - - file { "/etc/apt/listchanges.conf": - content => template($apt_listchanges_config), - mode => 0644, owner => root, group => root, - require => Package["apt-listchanges"]; +class apt::listchanges( + $ensure_version = 'installed', + $config = "apt/${::operatingsystem}/listchanges_${::lsbdistcodename}.erb", + $frontend = 'mail', + $email = 'root', + $confirm = '0', + $saveseen = '/var/lib/apt/listchanges.db', + $which = 'both' +){ + package { 'apt-listchanges': ensure => $ensure_version } + + file { '/etc/apt/listchanges.conf': + content => template($apt::listchanges::config), + owner => root, + group => root, + mode => '0644', + require => Package['apt-listchanges']; } } diff --git a/manifests/preferences.pp b/manifests/preferences.pp index f188149..9ed24c1 100644 --- a/manifests/preferences.pp +++ b/manifests/preferences.pp @@ -1,22 +1,20 @@ class apt::preferences { - concat::fragment{"apt_preferences_header": - content => $custom_preferences ? { - '' => $operatingsystem ? { - 'debian' => template("apt/${operatingsystem}/preferences_${codename}.erb"), - 'ubuntu' => template("apt/${operatingsystem}/preferences_${codename}.erb"), - }, - default => $custom_preferences + $pref_contents = $apt::custom_preferences ? { + '' => $::operatingsystem ? { + 'debian' => template("apt/${::operatingsystem}/preferences_${apt::codename}.erb"), + 'ubuntu' => template("apt/${::operatingsystem}/preferences_${apt::codename}.erb"), }, - order => 00, - target => '/etc/apt/preferences', + default => $apt::custom_preferences } - concat{'/etc/apt/preferences': - alias => apt_config, + file { '/etc/apt/preferences': + ensure => present, + alias => 'apt_config', # only update together - require => File["/etc/apt/sources.list"], - owner => root, group => 0, mode => 0644; + content => $pref_contents, + require => File['/etc/apt/sources.list'], + owner => root, group => 0, mode => '0644'; } } diff --git a/manifests/preferences/absent.pp b/manifests/preferences/absent.pp index 0e96119..f32e030 100644 --- a/manifests/preferences/absent.pp +++ b/manifests/preferences/absent.pp @@ -2,5 +2,6 @@ class apt::preferences::absent { file { '/etc/apt/preferences': ensure => absent, + alias => 'apt_config', } } diff --git a/manifests/preferences_snippet.pp b/manifests/preferences_snippet.pp index 6a8e6bc..0bff85c 100644 --- a/manifests/preferences_snippet.pp +++ b/manifests/preferences_snippet.pp @@ -1,11 +1,11 @@ -define apt::preferences_snippet( +define apt::preferences_snippet ( + $priority, $package = false, $ensure = 'present', $source = '', $release = '', - $pin = '', - $priority ) -{ + $pin = '' +) { $real_package = $package ? { false => $name, @@ -13,21 +13,19 @@ define apt::preferences_snippet( } if $custom_preferences == false { - fail("Trying to define a preferences_snippet with \$custom_preferences set to false.") + fail('Trying to define a preferences_snippet with $custom_preferences set to false.') } if !$pin and !$release { - fail("apt::preferences_snippet requires one of the 'pin' or 'release' argument to be set") + fail('apt::preferences_snippet requires one of the \'pin\' or \'release\' argument to be set') } if $pin and $release { - fail("apt::preferences_snippet requires either a 'pin' or 'release' argument, not both") + fail('apt::preferences_snippet requires either a \'pin\' or \'release\' argument, not both') } - include apt::preferences - - concat::fragment{"apt_preference_${name}": + file { "/etc/apt/preferences.d/${name}": ensure => $ensure, - target => '/etc/apt/preferences', + owner => root, group => 0, mode => '0644'; } # This should really work in the same manner as sources_list and apt_conf @@ -37,19 +35,19 @@ define apt::preferences_snippet( '': { case $release { '': { - Concat::Fragment["apt_preference_${name}"]{ - content => template("apt/preferences_snippet.erb") + File["/etc/apt/preferences.d/${name}"]{ + content => template('apt/preferences_snippet.erb') } } default: { - Concat::Fragment["apt_preference_${name}"]{ - content => template("apt/preferences_snippet_release.erb") + File["/etc/apt/preferences.d/${name}"]{ + content => template('apt/preferences_snippet_release.erb') } } } } default: { - Concat::Fragment["apt_preference_${name}"]{ + File["/etc/apt/preferences.d/${name}"]{ source => $source } } diff --git a/manifests/preseeded_package.pp b/manifests/preseeded_package.pp index d831934..9bca8b1 100644 --- a/manifests/preseeded_package.pp +++ b/manifests/preseeded_package.pp @@ -1,18 +1,21 @@ -define apt::preseeded_package ($content = "", $ensure = "installed") { - $seedfile = "/var/cache/local/preseeding/$name.seeds" - $real_content = $content ? { - "" => template ( "site_apt/$lsbdistcodename/$name.seeds" ), +define apt::preseeded_package ( + $ensure = 'installed', + $content = '' +) { + $seedfile = "/var/cache/local/preseeding/${name}.seeds" + $real_content = $content ? { + '' => template ( "site_apt/${::lsbdistcodename}/${name}.seeds" ), default => $content - } + } file { $seedfile: content => $real_content, - mode => 0600, owner => root, group => root, - } + mode => '0600', owner => root, group => root, + } package { $name: - ensure => $ensure, + ensure => $ensure, responsefile => $seedfile, - require => File[$seedfile], - } -} + require => File[$seedfile], + } +} diff --git a/manifests/proxy_client.pp b/manifests/proxy_client.pp index 23e9bd1..9ba79f2 100644 --- a/manifests/proxy_client.pp +++ b/manifests/proxy_client.pp @@ -1,16 +1,9 @@ -class apt::proxy_client { +class apt::proxy_client( + $proxy = 'http://localhost', + $port = '3142', +){ - $real_apt_proxy = $apt_proxy ? { - "" => "http://localhost", - default => $apt_proxy - } - - $real_apt_proxy_port = $apt_proxy_port ? { - "" => "3142", - default => $apt_proxy_port - } - - apt_conf { "20proxy": - content => template("apt/20proxy.erb"), + apt_conf { '20proxy': + content => template('apt/20proxy.erb'), } } diff --git a/manifests/reboot_required_notify.pp b/manifests/reboot_required_notify.pp index 3603aa2..722e8a5 100644 --- a/manifests/reboot_required_notify.pp +++ b/manifests/reboot_required_notify.pp @@ -3,7 +3,7 @@ class apt::reboot_required_notify { # This package installs the script that created /var/run/reboot-required*. # This script (/usr/share/update-notifier/notify-reboot-required) is # triggered e.g. by kernel packages. - package { update-notifier-common: + package { 'update-notifier-common': ensure => installed, } diff --git a/manifests/sources_list.pp b/manifests/sources_list.pp index 499116d..3367f83 100644 --- a/manifests/sources_list.pp +++ b/manifests/sources_list.pp @@ -1,14 +1,16 @@ define apt::sources_list ( $ensure = 'present', $source = '', - $content = undef ) -{ + $content = undef +) { - if $source == '' and $content == undef { - fail("One of \$source or \$content must be specified for apt_sources_snippet ${name}") - } - if $source != '' and $content != undef { - fail("Only one of \$source or \$content must specified for apt_sources_snippet ${name}") + if $ensure == 'present' { + if $source == '' and $content == undef { + fail("One of \$source or \$content must be specified for apt_sources_snippet ${name}") + } + if $source != '' and $content != undef { + fail("Only one of \$source or \$content must specified for apt_sources_snippet ${name}") + } } include apt::dot_d_directories @@ -18,7 +20,7 @@ define apt::sources_list ( # apparently doesn't. file { "/etc/apt/sources.list.d/${name}": ensure => $ensure, - owner => root, group => 0, mode => 0644, + owner => root, group => 0, mode => '0644', notify => Exec['refresh_apt'], } diff --git a/manifests/unattended_upgrades.pp b/manifests/unattended_upgrades.pp index 23d9bd7..4f1eb20 100644 --- a/manifests/unattended_upgrades.pp +++ b/manifests/unattended_upgrades.pp @@ -1,21 +1,22 @@ class apt::unattended_upgrades { package { 'unattended-upgrades': - ensure => present, + ensure => present, require => undef, } - apt_conf { "50unattended-upgrades": - source => ["puppet:///modules/site_apt/$lsbdistcodename/50unattended-upgrades", - "puppet:///modules/site_apt/50unattended-upgrades", - "puppet:///modules/apt/$lsbdistcodename/50unattended-upgrades", - "puppet:///modules/apt/50unattended-upgrades" ], + apt_conf { '50unattended-upgrades': + source => [ + "puppet:///modules/site_apt/${::lsbdistcodename}/50unattended-upgrades", + 'puppet:///modules/site_apt/50unattended-upgrades', + "puppet:///modules/apt/${::lsbdistcodename}/50unattended-upgrades", + 'puppet:///modules/apt/50unattended-upgrades' ], require => Package['unattended-upgrades'], } - if $custom_preferences != false { - Apt_conf["50unattended-upgrades"] { - before => Concat[apt_config], + if $apt::custom_preferences != false { + Apt_conf['50unattended-upgrades'] { + before => File['apt_config'], } } diff --git a/manifests/update.pp b/manifests/update.pp index ae992f4..3f45125 100644 --- a/manifests/update.pp +++ b/manifests/update.pp @@ -2,11 +2,12 @@ class apt::update { exec { 'update_apt': command => '/usr/bin/apt-get update && /usr/bin/apt-get autoclean', - require => [ File['/etc/apt/apt.conf.d', '/etc/apt/preferences' ], - Config_file['/etc/apt/sources.list'] ], + require => [ + File['/etc/apt/apt.conf.d', '/etc/apt/preferences' ], + File['/etc/apt/sources.list'] ], loglevel => info, # Another Semaphor for all packages to reference - alias => "apt_updated" + alias => 'apt_updated' } } diff --git a/manifests/upgrade_package.pp b/manifests/upgrade_package.pp index 9202624..d607150 100644 --- a/manifests/upgrade_package.pp +++ b/manifests/upgrade_package.pp @@ -1,6 +1,10 @@ -define apt::upgrade_package ($version = "") { +define apt::upgrade_package ( + $version = '' +) { - include apt::update + if $apt::disable_update == false { + include apt::update + } $version_suffix = $version ? { '' => '', @@ -10,24 +14,29 @@ define apt::upgrade_package ($version = "") { if !defined(Package['apt-show-versions']) { package { 'apt-show-versions': - ensure => installed, + ensure => installed, require => undef, } } if !defined(Package['dctrl-tools']) { package { 'dctrl-tools': - ensure => installed, + ensure => installed, require => undef, } } + $req = $apt::disable_update ? { + true => Package['apt-show-versions', 'dctrl-tools'], + default => [ + Exec['apt_updated'], + Package['apt-show-versions', 'dctrl-tools'] + ], + } + exec { "apt-get -q -y -o 'DPkg::Options::=--force-confold' install ${name}${version_suffix}": - onlyif => [ "grep-status -F Status installed -a -P $name -q", "apt-show-versions -u $name | grep -q upgradeable" ], - require => [ - Exec['apt_updated'], - Package['apt-show-versions', 'dctrl-tools'], - ], + onlyif => [ "grep-status -F Status installed -a -P $name -q", "apt-show-versions -u $name | grep -q upgradeable" ], + require => $req } } diff --git a/templates/20proxy.erb b/templates/20proxy.erb index fd0c7fe..ea706b6 100644 --- a/templates/20proxy.erb +++ b/templates/20proxy.erb @@ -1,5 +1,5 @@ // This file is managed by Puppet // all local modifications will be overwritten -Acquire::http { Proxy "<%= real_apt_proxy %>:<%= real_apt_proxy_port %>"; }; +Acquire::http { Proxy "<%= proxy %>:<%= port %>"; }; Acquire::HTTP::Proxy::bugs.debian.org "DIRECT"; diff --git a/templates/Debian/apticron_lenny.erb b/templates/Debian/apticron_lenny.erb index 9ec1c6d..aad9985 100644 --- a/templates/Debian/apticron_lenny.erb +++ b/templates/Debian/apticron_lenny.erb @@ -2,7 +2,7 @@ # # set EMAIL to a list of addresses which will be notified of impending updates # -EMAIL="<%= apticron_email %>" +EMAIL="<%= scope.lookupvar('apt::apticron::email') %>" # # Set DIFF_ONLY to "1" to only output the difference of the current run @@ -10,22 +10,22 @@ EMAIL="<%= apticron_email %>" # are no differences, no output/email will be generated. By default, apticron # will output everything that needs to be upgraded. # -DIFF_ONLY="<%= apticron_diff_only %>" +DIFF_ONLY="<%= scope.lookupvar('apt::apticron::diff_only') %>" # # Set LISTCHANGES_PROFILE if you would like apticron to invoke apt-listchanges # with the --profile option. You should add a corresponding profile to # /etc/apt/listchanges.conf # -LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" +LISTCHANGES_PROFILE="<%= scope.lookupvar('apt::apticron::listchanges_profile') %>" # # Set SYSTEM if you would like apticron to use something other than the output # of "hostname -f" for the system name in the mails it generates # # SYSTEM="foobar.example.com" -<%- if has_variable?('apticron_system') and instance_variable_get("@#{'apticron_system'}").to_s != "false" -%> -<%= 'SYSTEM="' + instance_variable_get("@#{'apticron_system'}").to_s + '"' %> +<%- unless scope.lookupvar('apt::apticron::system').to_s == "false" -%> +<%= "SYSTEM=\"#{scope.lookupvar('apt::apticron::system')}\"" %> <%- end -%> # @@ -34,8 +34,8 @@ LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" # family type (inet, inet6), if available. # # IPADDRESSNUM="1" -<%- if has_variable?('apticron_ipaddressnum') and instance_variable_get("@#{'apticron_ipaddressnum'}").to_s != "false" -%> -<%= 'IPADDRESSNUM="' + instance_variable_get("@#{'apticron_ipaddressnum'}").to_s + '"' %> +<%- unless scope.lookupvar('apt::apticron::ipaddressnum').to_s == "false" -%> +<%= "IPADDRESSNUM=\"#{scope.lookupvar('apt::apticron::ipaddressnum')}\"" %> <%- end -%> # @@ -44,6 +44,7 @@ LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" # "ip" command # # IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1" -<%- if has_variable?('apticron_ipaddresses') and instance_variable_get("@#{'apticron_ipaddresses'}").to_s != "false" -%> -<%= 'IPADDRESSES="' + instance_variable_get("@#{'apticron_ipaddresses'}").to_s + '"' %> -<%- end -%>
\ No newline at end of file +<%- unless scope.lookupvar('apt::apticron::ipaddresses').to_s == "false" -%> +<%= "IPADDRESSES=\"#{scope.lookupvar('apt::apticron::ipaddresses')}\"" %> +<%- end -%> + diff --git a/templates/Debian/apticron_squeeze.erb b/templates/Debian/apticron_squeeze.erb index b0aa975..580179e 100644 --- a/templates/Debian/apticron_squeeze.erb +++ b/templates/Debian/apticron_squeeze.erb @@ -3,7 +3,8 @@ # set EMAIL to a space separated list of addresses which will be notified of # impending updates # -EMAIL="<%= apticron_email %>" +EMAIL="<%= scope.lookupvar('apt::apticron::email') %>" + # # Set DIFF_ONLY to "1" to only output the difference of the current run @@ -11,51 +12,54 @@ EMAIL="<%= apticron_email %>" # are no differences, no output/email will be generated. By default, apticron # will output everything that needs to be upgraded. # -DIFF_ONLY="<%= apticron_diff_only %>" +DIFF_ONLY="<%= scope.lookupvar('apt::apticron::diff_only') %>" # # Set LISTCHANGES_PROFILE if you would like apticron to invoke apt-listchanges # with the --profile option. You should add a corresponding profile to # /etc/apt/listchanges.conf # -LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" +LISTCHANGES_PROFILE="<%= scope.lookupvar('apt::apticron::listchanges_profile') %>" # # Set SYSTEM if you would like apticron to use something other than the output # of "hostname -f" for the system name in the mails it generates # # SYSTEM="foobar.example.com" -<%- if has_variable?('apticron_system') and instance_variable_get("@#{'apticron_system'}").to_s != "false" -%> -<%= 'SYSTEM="' + instance_variable_get("@#{'apticron_system'}").to_s + '"' %> +<%- unless scope.lookupvar('apt::apticron::system').to_s == "false" -%> +<%= "SYSTEM=\"#{scope.lookupvar('apt::apticron::system')}\"" %> <%- end -%> + # # Set IPADDRESSNUM if you would like to configure the maximal number of IP # addresses apticron displays. The default is to display 1 address of each # family type (inet, inet6), if available. # # IPADDRESSNUM="1" -<%- if has_variable?('apticron_ipaddressnum') and instance_variable_get("@#{'apticron_ipaddressnum'}").to_s != "false" -%> -<%= 'IPADDRESSNUM="' + instance_variable_get("@#{'apticron_ipaddressnum'}").to_s + '"' %> +<%- unless scope.lookupvar('apt::apticron::ipaddressnum').to_s == "false" -%> +<%= "IPADDRESSNUM=\"#{scope.lookupvar('apt::apticron::ipaddressnum')}\"" %> <%- end -%> + # # Set IPADDRESSES to a whitespace separated list of reachable addresses for # this system. By default, apticron will try to work these out using the # "ip" command # # IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1" -<%- if has_variable?('apticron_ipaddresses') and instance_variable_get("@#{'apticron_ipaddresses'}").to_s != "false" -%> -<%= 'IPADDRESSES="' + instance_variable_get("@#{'apticron_ipaddresses'}").to_s + '"' %> +<%- unless scope.lookupvar('apt::apticron::ipaddresses').to_s == "false" -%> +<%= "IPADDRESSES=\"#{scope.lookupvar('apt::apticron::ipaddresses')}\"" %> <%- end -%> + # # Set NOTIFY_HOLDS="0" if you don't want to be notified about new versions of # packages on hold in your system. The default behavior is downloading and # listing them as any other package. # # NOTIFY_HOLDS="0" -NOTIFY_HOLDS="<%= apticron_notifyholds %>" +NOTIFY_HOLDS="<%= scope.lookupvar('apt::apticron::notifyholds') %>" # # Set NOTIFY_NEW="0" if you don't want to be notified about packages which @@ -67,12 +71,12 @@ NOTIFY_HOLDS="<%= apticron_notifyholds %>" # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531002#44 # # NOTIFY_NEW="0" -NOTIFY_NEW="<%= apticron_notifynew %>" +NOTIFY_NEW="<%= scope.lookupvar('apt::apticron::notifynew') %>" # # Set CUSTOM_SUBJECT if you want to replace the default subject used in # the notification e-mails. This may help filtering/sorting client-side e-mail. # # CUSTOM_SUBJECT="" -CUSTOM_SUBJECT="<%= apticron_customsubject %>" +CUSTOM_SUBJECT="<%= scope.lookupvar('apt::apticron::customsubject') %>" diff --git a/templates/Debian/apticron_wheezy.erb b/templates/Debian/apticron_wheezy.erb index ff66d39..d8c8804 100644 --- a/templates/Debian/apticron_wheezy.erb +++ b/templates/Debian/apticron_wheezy.erb @@ -3,7 +3,7 @@ # set EMAIL to a space separated list of addresses which will be notified of # impending updates # -EMAIL="<%= apticron_email %>" +EMAIL="<%= scope.lookupvar('apt::apticron::email') %>" # # Set DIFF_ONLY to "1" to only output the difference of the current run @@ -11,22 +11,22 @@ EMAIL="<%= apticron_email %>" # are no differences, no output/email will be generated. By default, apticron # will output everything that needs to be upgraded. # -DIFF_ONLY="<%= apticron_diff_only %>" +DIFF_ONLY="<%= scope.lookupvar('apt::apticron::diff_only') %>" # # Set LISTCHANGES_PROFILE if you would like apticron to invoke apt-listchanges # with the --profile option. You should add a corresponding profile to # /etc/apt/listchanges.conf # -LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" +LISTCHANGES_PROFILE="<%= scope.lookupvar('apt::apticron::listchanges_profile') %>" # # Set SYSTEM if you would like apticron to use something other than the output # of "hostname -f" for the system name in the mails it generates # # SYSTEM="foobar.example.com" -<%- if has_variable?('apticron_system') and instance_variable_get("@#{'apticron_system'}").to_s != "false" -%> -<%= 'SYSTEM="' + instance_variable_get("@#{'apticron_system'}").to_s + '"' %> +<%- unless scope.lookupvar('apt::apticron::system').to_s == "false" -%> +<%= "SYSTEM=\"#{scope.lookupvar('apt::apticron::system')}\"" %> <%- end -%> # @@ -35,8 +35,8 @@ LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" # family type (inet, inet6), if available. # # IPADDRESSNUM="1" -<%- if has_variable?('apticron_ipaddressnum') and instance_variable_get("@#{'apticron_ipaddressnum'}").to_s != "false" -%> -<%= 'IPADDRESSNUM="' + instance_variable_get("@#{'apticron_ipaddressnum'}").to_s + '"' %> +<%- unless scope.lookupvar('apt::apticron::ipaddressnum').to_s == "false" -%> +<%= "IPADDRESSNUM=\"#{scope.lookupvar('apt::apticron::ipaddressnum')}\"" %> <%- end -%> # @@ -45,8 +45,8 @@ LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" # "ip" command # # IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1" -<%- if has_variable?('apticron_ipaddresses') and instance_variable_get("@#{'apticron_ipaddresses'}").to_s != "false" -%> -<%= 'IPADDRESSES="' + instance_variable_get("@#{'apticron_ipaddresses'}").to_s + '"' %> +<%- unless scope.lookupvar('apt::apticron::ipaddresses').to_s == "false" -%> +<%= "IPADDRESSES=\"#{scope.lookupvar('apt::apticron::ipaddresses')}\"" %> <%- end -%> # @@ -55,7 +55,7 @@ LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" # listing them as any other package. # # NOTIFY_HOLDS="0" -NOTIFY_HOLDS="<%= apticron_notifyholds %>" +NOTIFY_HOLDS="<%= scope.lookupvar('apt::apticron::notifyholds') %>" # # Set NOTIFY_NEW="0" if you don't want to be notified about packages which @@ -67,7 +67,7 @@ NOTIFY_HOLDS="<%= apticron_notifyholds %>" # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531002#44 # # NOTIFY_NEW="0" -NOTIFY_NEW="<%= apticron_notifynew %>" +NOTIFY_NEW="<%= scope.lookupvar('apt::apticron::notifynew') %>" # @@ -77,4 +77,4 @@ NOTIFY_NEW="<%= apticron_notifynew %>" # ='[apticron] : package update(s)' # # CUSTOM_SUBJECT="" -CUSTOM_SUBJECT="<%= apticron_customsubject %>" +CUSTOM_SUBJECT="<%= scope.lookupvar('apt::apticron::customsubject') %>" diff --git a/templates/Debian/listchanges_lenny.erb b/templates/Debian/listchanges_lenny.erb index 3624b39..1025dd0 100644 --- a/templates/Debian/listchanges_lenny.erb +++ b/templates/Debian/listchanges_lenny.erb @@ -1,7 +1,7 @@ [apt] -frontend=<%= apt_listchanges_frontend %> -email_address=<%= apt_listchanges_email %> -confirm=<%= apt_listchanges_confirm %> -save_seen=<%= apt_listchanges_saveseen %> -which=<%= apt_listchanges_which %> +frontend=<%= scope.lookupvar('apt::listchanges::frontend') %> +email_address=<%= scope.lookupvar('apt::listchanges::email') %> +confirm=<%= scope.lookupvar('apt::listchanges::confirm') %> +save_seen=<%= scope.lookupvar('apt::listchanges::saveseen') %> +which=<%= scope.lookupvar('apt::listchanges::which') %> diff --git a/templates/Debian/preferences_lenny.erb b/templates/Debian/preferences_lenny.erb index fb80129..5c3c829 100644 --- a/templates/Debian/preferences_lenny.erb +++ b/templates/Debian/preferences_lenny.erb @@ -1,6 +1,6 @@ -Explanation: Debian <%= codename %> +Explanation: Debian <%= codename=scope.lookupvar('apt::codename') %> Package: * -Pin: release o=Debian,a=<%= release %>,v=<%= release_version %>* +Pin: release o=Debian,a=<%= scope.lookupvar('apt::release') %>,v=<%= scope.lookupvar('apt::release_version') %>* Pin-Priority: 990 Explanation: Debian backports @@ -8,7 +8,7 @@ Package: * Pin: origin backports.debian.org Pin-Priority: 200 -Explanation: Debian <%= next_release %> +Explanation: Debian <%= next_release=scope.lookupvar('apt::next_release') %> Package: * Pin: release o=Debian,a=<%= next_release %> Pin-Priority: 2 diff --git a/templates/Debian/preferences_squeeze.erb b/templates/Debian/preferences_squeeze.erb index fa0849a..efe7720 100644 --- a/templates/Debian/preferences_squeeze.erb +++ b/templates/Debian/preferences_squeeze.erb @@ -1,4 +1,4 @@ -Explanation: Debian <%= codename %> +Explanation: Debian <%= codename=scope.lookupvar('apt::codename') %> Package: * Pin: release o=Debian,n=<%= codename %> Pin-Priority: 990 @@ -8,7 +8,7 @@ Package: * Pin: release o=Debian,n=<%= codename %>-updates Pin-Priority: 990 -Explanation: Debian <%= next_codename %> +Explanation: Debian <%= next_codename=scope.lookupvar('apt::next_codename') %> Package: * Pin: release o=Debian,n=<%= next_codename %> Pin-Priority: 2 diff --git a/templates/Debian/preferences_wheezy.erb b/templates/Debian/preferences_wheezy.erb index d5c7af8..0cc0e5c 100644 --- a/templates/Debian/preferences_wheezy.erb +++ b/templates/Debian/preferences_wheezy.erb @@ -1,4 +1,4 @@ -Explanation: Debian <%= codename %> +Explanation: Debian <%= codename=scope.lookupvar('apt::codename') %> Package: * Pin: release o=Debian,n=<%= codename %> Pin-Priority: 990 diff --git a/templates/Debian/sources.list.erb b/templates/Debian/sources.list.erb index b0f490f..49cf38c 100644 --- a/templates/Debian/sources.list.erb +++ b/templates/Debian/sources.list.erb @@ -1,21 +1,21 @@ # This file is managed by puppet # all local modifications will be overwritten -### Debian current: <%= codename %> +### Debian current: <%= codename=scope.lookupvar('apt::codename') %> # basic -deb <%= debian_url %> <%= codename %> <%= repos %> -<% if include_src then -%> -deb-src <%= debian_url %> <%= codename %> <%= repos %> +deb <%= debian_url=scope.lookupvar('apt::debian_url') %> <%= codename %> <%= lrepos=scope.lookupvar('apt::real_repos') %> +<% if scope.lookupvar('apt::include_src') -%> +deb-src <%= debian_url %> <%= codename %> <%= lrepos %> <% end -%> # security -<% if (release == "unstable" || release == "experimental") -%> +<% if ((release=scope.lookupvar('apt::release')) == "unstable" || release == "experimental") -%> # There is no security support for <%= release %> <% else -%> -deb <%= security_url %> <%= codename %>/updates <%= repos %> -<% if include_src then -%> -deb-src <%= security_url %> <%= codename %>/updates <%= repos %> +deb <%= security_url=scope.lookupvar('apt::security_url') %> <%= codename %>/updates <%= lrepos %> +<% if include_src -%> +deb-src <%= security_url %> <%= codename %>/updates <%= lrepos %> <% end -%> <% end -%> @@ -23,47 +23,47 @@ deb-src <%= security_url %> <%= codename %>/updates <%= repos %> <% if (release == "testing" || release == "unstable" || release == "experimental") -%> # There is no backports archive for <%= release %> <% else -%> -deb <%= backports_url %> <%= codename %>-backports <%= repos %> -<% if include_src then -%> -deb-src <%= backports_url %> <%= codename %>-backports <%= repos %> +deb <%= backports_url=scope.lookupvar('apt::backports_url') %> <%= codename %>-backports <%= lrepos %> +<% if include_src -%> +deb-src <%= backports_url %> <%= codename %>-backports <%= lrepos %> <% end -%> <% end -%> -<% if use_volatile -%> +<% if use_volatile=scope.lookupvar('apt::use_volatile') -%> # volatile <% if (release == "testing" || release == "unstable" || release == "experimental") -%> # There is no volatile archive for <%= release %> <% else -%> <% if (codename == "lenny" || codename == "etch") -%> -deb <%= volatile_url %> <%= codename %>/volatile <%= repos %> -<% if include_src then -%> -deb-src <%= volatile_url %> <%= codename %>/volatile <%= repos %> +deb <%= volatile_url=scope.lookupvar('apt::volatile_url') %> <%= codename %>/volatile <%= lrepos %> +<% if include_src -%> +deb-src <%= volatile_url %> <%= codename %>/volatile <%= lrepos %> <% end -%> <% else -%> -deb <%= debian_url %> <%= codename %>-updates <%= repos %> -<% if include_src then -%> -deb-src <%= debian_url %> <%= codename %>-updates <%= repos %> +deb <%= debian_url %> <%= codename %>-updates <%= lrepos %> +<% if include_src -%> +deb-src <%= debian_url %> <%= codename %>-updates <%= lrepos %> <% end -%> <% end -%> <% end -%> <% end -%> -<% if use_next_release then -%> -### Debian next: <%= next_codename %> +<% if next_release=scope.lookupvar('apt::use_next_release') -%> +### Debian next: <%= next_release=scope.lookupvar('apt::next_release') ; next_codename=scope.lookupvar('apt::next_codename') %> # basic -deb <%= debian_url %> <%= next_codename %> <%= repos %> +deb <%= debian_url %> <%= next_codename %> <%= lrepos %> <% if include_src then -%> -deb-src <%= debian_url %> <%= next_codename %> <%= repos %> +deb-src <%= debian_url %> <%= next_codename %> <%= lrepos %> <% end -%> # security <% if (next_release == "unstable" || next_release == "experimental") -%> # There is no security support for <%= next_release %> <% else -%> -deb <%= security_url %> <%= next_codename %>/updates <%= repos %> +deb <%= security_url %> <%= next_codename %>/updates <%= lrepos %> <% if include_src then -%> -deb-src <%= security_url %> <%= next_codename %>/updates <%= repos %> +deb-src <%= security_url %> <%= next_codename %>/updates <%= lrepos %> <% end -%> <% end -%> @@ -73,14 +73,14 @@ deb-src <%= security_url %> <%= next_codename %>/updates <%= repos %> # There is no volatile archive for <%= next_release %> <% else -%> <% if (next_codename == "lenny" || next_codename == "etch") -%> -deb <%= volatile_url %> <%= next_codename %>/volatile <%= repos %> +deb <%= volatile_url %> <%= next_codename %>/volatile <%= lrepos %> <% if include_src then -%> -deb-src <%= volatile_url %> <%= next_codename %>/volatile <%= repos %> +deb-src <%= volatile_url %> <%= next_codename %>/volatile <%= lrepos %> <% end -%> <% else -%> -deb <%= debian_url %> <%= next_codename %>-updates <%= repos %> +deb <%= debian_url %> <%= next_codename %>-updates <%= lrepos %> <% if include_src then -%> -deb-src <%= debian_url %> <%= next_codename %>-updates <%= repos %> +deb-src <%= debian_url %> <%= next_codename %>-updates <%= lrepos %> <% end -%> <% end -%> <% end -%> diff --git a/templates/Ubuntu/preferences_maverick.erb b/templates/Ubuntu/preferences_maverick.erb index 30d3ec6..801ddd4 100644 --- a/templates/Ubuntu/preferences_maverick.erb +++ b/templates/Ubuntu/preferences_maverick.erb @@ -1,4 +1,4 @@ -Explanation: Ubuntu <%= codename %> security +Explanation: Ubuntu <%= codename=scope.lookupvar('apt::codename') %> security Package: * Pin: release o=Ubuntu,a=<%= codename %>-security Pin-Priority: 990 @@ -18,7 +18,7 @@ Package: * Pin: release a=<%= codename %>-backports Pin-Priority: 200 -Explanation: Ubuntu <%= next_release %> +Explanation: Ubuntu <%= next_release=scope.lookupvar('apt::next_release') %> Package: * Pin: release o=Ubuntu,a=<%= next_release %> Pin-Priority: 2 diff --git a/templates/Ubuntu/sources.list.erb b/templates/Ubuntu/sources.list.erb index d356bd4..c1a6115 100644 --- a/templates/Ubuntu/sources.list.erb +++ b/templates/Ubuntu/sources.list.erb @@ -1,26 +1,26 @@ # This file is managed by puppet # all local modifications will be overwritten -# basic <%= lsbdistcodename %> -deb <%= ubuntu_url %> <%= lsbdistcodename %> <%= repos %> -<% if include_src then -%> -deb-src <%= ubuntu_url %> <%= lsbdistcodename %> <%= repos %> +# basic <%= codename=scope.lookupvar('apt::codename') %> +deb <%= ubuntu_url=scope.lookupvar('apt::ubuntu_url') %> <%= codename %> <%= lrepos=scope.lookupvar('apt::real_repos') %> +<% if include_src=scope.lookupvar('apt::include_src') -%> +deb-src <%= ubuntu_url %> <%= codename %> <%= lrepos %> <% end -%> # updates -deb <%= ubuntu_url %> <%= lsbdistcodename %>-updates <%= repos %> -<% if include_src then -%> -deb-src <%= ubuntu_url %> <%= lsbdistcodename %>-updates <%= repos %> +deb <%= ubuntu_url %> <%= codename %>-updates <%= lrepos %> +<% if include_src -%> +deb-src <%= ubuntu_url %> <%= codename %>-updates <%= lrepos %> <% end -%> # security suppport -deb <%= ubuntu_url %> <%= lsbdistcodename %>-security <%= repos %> -<% if include_src then -%> -deb-src <%= ubuntu_url %> <%= lsbdistcodename %>-security <%= repos %> +deb <%= ubuntu_url %> <%= codename %>-security <%= lrepos %> +<% if include_src -%> +deb-src <%= ubuntu_url %> <%= codename %>-security <%= lrepos %> <% end -%> # backports -deb <%= ubuntu_url %> <%= lsbdistcodename %>-backports <%= repos %> -<% if include_src then -%> -deb-src <%= ubuntu_url %> <%= lsbdistcodename %>-backports <%= repos %> +deb <%= ubuntu_url %> <%= codename %>-backports main <%= lrepos %> +<% if include_src -%> +deb-src <%= ubuntu_url %> <%= codename %>-backports <%= lrepos %> <% end -%> |