2 files changed, 35 insertions, 1 deletions

diff --git a/templates/50unattended-upgrades.erb b/templates/50unattended-upgrades.erb
new file mode 100644
index 0000000..4492c2d
--- /dev/null
+++ b/templates/50unattended-upgrades.erb
@@ -0,0 +1,34 @@
+// this file is managed by puppet !
+
+Unattended-Upgrade::Allowed-Origins {
+<% if scope.lookupvar('::operatingsystem') == 'Ubuntu' -%>
+  "${distro_id}:${distro_codename}-security";
+  "${distro_id}:${distro_codename}-updates";
+  "${distro_id}:${distro_codename}-backports";
+<% else -%>
+<% if scope.lookupvar('::lsbdistcodename') == 'squeeze' -%>
+  "${distro-id} ${distro-codename}-security";
+  "${distro-id} ${distro-codename}-lts";
+<% else -%>
+  # See Debian bug #704087
+  "o=Debian,a=oldstable,l=Debian-Security";
+  "o=Debian,a=stable,l=Debian-Security";
+<% end -%>
+};
+
+<% if not @blacklisted_packages.empty?  -%>
+Unattended-Upgrade::Package-Blacklist {
+<% @blacklisted_packages.each do |pkg| -%>
+  "<%= pkg %>";
+<% end -%>
+}
+<% end -%>
+
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Download-Upgradeable-Packages "1";
+APT::Periodic::Unattended-Upgrade "1";
+
+Unattended-Upgrade::Mail "<%= @mail_recipient -%>";
+<% if @mailonlyonerror -%>
+Unattended-Upgrade::MailOnlyOnError "true";
+<% end -%>
diff --git a/templates/Ubuntu/sources.list.erb b/templates/Ubuntu/sources.list.erb
index c1a6115..8d2585d 100644
--- a/templates/Ubuntu/sources.list.erb
+++ b/templates/Ubuntu/sources.list.erb
@@ -20,7 +20,7 @@ deb-src <%= ubuntu_url %> <%= codename %>-security <%= lrepos %>
 <% end -%>
 
 # backports
-deb <%= ubuntu_url %> <%= codename %>-backports main <%= lrepos %>
+deb <%= ubuntu_url %> <%= codename %>-backports <%= lrepos %>
 <% if include_src -%>
 deb-src <%= ubuntu_url %> <%= codename %>-backports <%= lrepos %>
 <% end -%>