From 50b4bef76180181a34d04958b320295c7b6e9cf0 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Sat, 26 Jan 2013 15:20:30 -0200 Subject: Make custom_key_dir a class parameter and not a global variable Conflicts: manifests/init.pp --- README | 22 ++++++++++------------ manifests/init.pp | 7 ++++--- manifests/params.pp | 1 + 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/README b/README index f241a19..35a88b2 100644 --- a/README +++ b/README @@ -129,18 +129,6 @@ pull in the templates/site_apt/sources.list file: $custom_sources_list = template('site_apt/sources.list') -$custom_key_dir ---------------- - -If you have different apt-key files that you want to get added to your -apt keyring, you can set this variable to a path in your fileserver -where individual key files can be placed. If this is set and keys -exist there, this module will 'apt-key add' each key. - -The debian-archive-keyring package is installed and kept current up to the -latest revision (this includes the backports archive keyring). - - Classes ======= @@ -235,6 +223,16 @@ Class parameters: include apt::dist_upgrade class { 'apt': codename => 'wheezy', notify => Exec['apt_dist-upgrade'] } +* custom_key_dir + + If you have different apt-key files that you want to get added to your + apt keyring, you can set this variable to a path in your fileserver + where individual key files can be placed. If this is set and keys + exist there, this module will 'apt-key add' each key. + + The debian-archive-keyring package is installed and kept current up to the + latest revision (this includes the backports archive keyring). + apt::apticron ------------- diff --git a/manifests/init.pp b/manifests/init.pp index 3f8e1c8..de28c23 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -15,7 +15,8 @@ class apt( $ubuntu_url = $apt::params::ubuntu_url, $repos = $apt::params::repos, $custom_preferences = $apt::params::custom_preferences, - $disable_update = $apt::params::disable_update + $disable_update = $apt::params::disable_update, + $custom_key_dir = $apt::params::custom_key_dir ) inherits apt::params { case $::operatingsystem { 'debian': { @@ -113,9 +114,9 @@ class apt( $apt_base_dir = "${common::moduledir::module_dir_path}/apt" modules_dir { 'apt': } - if $::custom_key_dir { + if $custom_key_dir { file { "${apt_base_dir}/keys.d": - source => $::custom_key_dir, + source => $custom_key_dir, recurse => true, owner => root, group => root, diff --git a/manifests/params.pp b/manifests/params.pp index b210ff6..12273ac 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -14,4 +14,5 @@ class apt::params () { $repos = 'auto' $custom_preferences = '' $disable_update = false + $custom_key_dir = false } -- cgit v1.2.3 From 92406aa9180b15b35a3c102fac0e70d4e620a6e1 Mon Sep 17 00:00:00 2001 From: varac Date: Sun, 14 Apr 2013 13:44:42 +0200 Subject: fix default unattended-upgrades config file --- files/50unattended-upgrades | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/files/50unattended-upgrades b/files/50unattended-upgrades index ebf9f49..329c95c 100644 --- a/files/50unattended-upgrades +++ b/files/50unattended-upgrades @@ -2,14 +2,14 @@ Unattended-Upgrade::Origins-Pattern { // Debian - "o=${distro_id},n=${distro_codename}"; - "o=${distro_id},n=${distro_codename}-updates"; - "o=${distro_id},n=${distro_codename},l=Debian-security"; - "o=${distro_id} Backports,n=${distro_codename}-backports"; + "${distro_id} ${distro_codename}"; + "${distro_id} ${distro_codename}-updates"; + "${distro_id} ${distro_codename}-security"; + "${distro_id} Backports:${distro_codename}-backports"; // Ubuntu specific - "o=${distro_id},a=${distro_codename}-security"; - "o=${distro_id},a=${distro_codename}-backports"; - "o=${distro_id},a=${distro_codename}-proposed"; + "${distro_id} ${distro_codename}-security"; + "${distro_id} ${distro_codename}-backports"; + "${distro_id} ${distro_codename}-proposed"; }; APT::Periodic::Update-Package-Lists "1"; -- cgit v1.2.3 From 9a3068016feffa328bf6e0f265e316eb813b7ee8 Mon Sep 17 00:00:00 2001 From: varac Date: Sun, 14 Apr 2013 14:54:10 +0200 Subject: using distribution sprecific files again --- files/50unattended-upgrades | 20 -------------------- files/Debian/50unattended-upgrades | 14 ++++++++++++++ files/Debian/50unattended-upgrades.lenny | 13 +++++++++++++ files/Debian/50unattended-upgrades.squeeze | 13 +++++++++++++ files/Debian/50unattended-upgrades.wheezy | 14 ++++++++++++++ files/Ubuntu/50unattended-upgrades | 16 ++++++++++++++++ files/lenny/50unattended-upgrades | 13 ------------- files/squeeze/50unattended-upgrades | 14 -------------- manifests/unattended_upgrades.pp | 8 ++++---- 9 files changed, 74 insertions(+), 51 deletions(-) delete mode 100644 files/50unattended-upgrades create mode 100644 files/Debian/50unattended-upgrades create mode 100644 files/Debian/50unattended-upgrades.lenny create mode 100644 files/Debian/50unattended-upgrades.squeeze create mode 100644 files/Debian/50unattended-upgrades.wheezy create mode 100644 files/Ubuntu/50unattended-upgrades delete mode 100644 files/lenny/50unattended-upgrades delete mode 100644 files/squeeze/50unattended-upgrades diff --git a/files/50unattended-upgrades b/files/50unattended-upgrades deleted file mode 100644 index 329c95c..0000000 --- a/files/50unattended-upgrades +++ /dev/null @@ -1,20 +0,0 @@ -// this file is managed by puppet ! - -Unattended-Upgrade::Origins-Pattern { - // Debian - "${distro_id} ${distro_codename}"; - "${distro_id} ${distro_codename}-updates"; - "${distro_id} ${distro_codename}-security"; - "${distro_id} Backports:${distro_codename}-backports"; - // Ubuntu specific - "${distro_id} ${distro_codename}-security"; - "${distro_id} ${distro_codename}-backports"; - "${distro_id} ${distro_codename}-proposed"; -}; - -APT::Periodic::Update-Package-Lists "1"; -APT::Periodic::Download-Upgradeable-Packages "1"; -APT::Periodic::Unattended-Upgrade "1"; - -Unattended-Upgrade::Mail "root"; -Unattended-Upgrade::MailOnlyOnError "true"; diff --git a/files/Debian/50unattended-upgrades b/files/Debian/50unattended-upgrades new file mode 100644 index 0000000..0901ad3 --- /dev/null +++ b/files/Debian/50unattended-upgrades @@ -0,0 +1,14 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "${distro_id}:stable"; + "${distro_id}:${distro_codename}-security"; + "${distro_id}:${distro_codename}-updates"; + "${distro_id} Backports:${distro_codename}-backports"; +}; + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + +Unattended-Upgrade::Mail "root"; diff --git a/files/Debian/50unattended-upgrades.lenny b/files/Debian/50unattended-upgrades.lenny new file mode 100644 index 0000000..d55bb29 --- /dev/null +++ b/files/Debian/50unattended-upgrades.lenny @@ -0,0 +1,13 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "Debian oldstable"; + "Debian-Security oldstable"; +}; + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + +Unattended-Upgrade::Mail "root"; + diff --git a/files/Debian/50unattended-upgrades.squeeze b/files/Debian/50unattended-upgrades.squeeze new file mode 100644 index 0000000..38da1f4 --- /dev/null +++ b/files/Debian/50unattended-upgrades.squeeze @@ -0,0 +1,13 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "${distro_id} stable"; + "${distro_id} ${distro_codename}-security"; + "${distro_id} ${distro_codename}-backports"; +}; + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + +Unattended-Upgrade::Mail "root"; diff --git a/files/Debian/50unattended-upgrades.wheezy b/files/Debian/50unattended-upgrades.wheezy new file mode 100644 index 0000000..4463406 --- /dev/null +++ b/files/Debian/50unattended-upgrades.wheezy @@ -0,0 +1,14 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "${distro_id}:testing"; + "${distro_id}:${distro_codename}-security"; + "${distro_id}:${distro_codename}-updates"; + "${distro_id} Backports:${distro_codename}-backports"; +}; + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + +Unattended-Upgrade::Mail "root"; diff --git a/files/Ubuntu/50unattended-upgrades b/files/Ubuntu/50unattended-upgrades new file mode 100644 index 0000000..25c7758 --- /dev/null +++ b/files/Ubuntu/50unattended-upgrades @@ -0,0 +1,16 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "${distro_id}:${distro_codename}-security"; + "${distro_id}:${distro_codename}-updates"; + "${distro_id}:${distro_codename}-backports"; + //"${distro_id}:${distro_codename}-proposed"; +}; + + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + +Unattended-Upgrade::Mail "root"; +Unattended-Upgrade::MailOnlyOnError "true"; diff --git a/files/lenny/50unattended-upgrades b/files/lenny/50unattended-upgrades deleted file mode 100644 index d55bb29..0000000 --- a/files/lenny/50unattended-upgrades +++ /dev/null @@ -1,13 +0,0 @@ -// this file is managed by puppet ! - -Unattended-Upgrade::Allowed-Origins { - "Debian oldstable"; - "Debian-Security oldstable"; -}; - -APT::Periodic::Update-Package-Lists "1"; -APT::Periodic::Download-Upgradeable-Packages "1"; -APT::Periodic::Unattended-Upgrade "1"; - -Unattended-Upgrade::Mail "root"; - diff --git a/files/squeeze/50unattended-upgrades b/files/squeeze/50unattended-upgrades deleted file mode 100644 index 0901ad3..0000000 --- a/files/squeeze/50unattended-upgrades +++ /dev/null @@ -1,14 +0,0 @@ -// this file is managed by puppet ! - -Unattended-Upgrade::Allowed-Origins { - "${distro_id}:stable"; - "${distro_id}:${distro_codename}-security"; - "${distro_id}:${distro_codename}-updates"; - "${distro_id} Backports:${distro_codename}-backports"; -}; - -APT::Periodic::Update-Package-Lists "1"; -APT::Periodic::Download-Upgradeable-Packages "1"; -APT::Periodic::Unattended-Upgrade "1"; - -Unattended-Upgrade::Mail "root"; diff --git a/manifests/unattended_upgrades.pp b/manifests/unattended_upgrades.pp index c538831..f74fc81 100644 --- a/manifests/unattended_upgrades.pp +++ b/manifests/unattended_upgrades.pp @@ -7,10 +7,10 @@ class apt::unattended_upgrades { apt_conf { '50unattended-upgrades': source => [ - "puppet:///modules/site_apt/${::lsbdistcodename}/50unattended-upgrades", - 'puppet:///modules/site_apt/50unattended-upgrades', - "puppet:///modules/apt/${::lsbdistcodename}/50unattended-upgrades", - 'puppet:///modules/apt/50unattended-upgrades' ], + "puppet:///modules/site_apt/${::lsbdistid}/50unattended-upgrades.${::lsbdistcodename}", + "puppet:///modules/site_apt/${::lsbdistid}/50unattended-upgrades", + "puppet:///modules/apt/${::lsbdistid}/50unattended-upgrades.${::lsbdistcodename}", + "puppet:///modules/apt/${::lsbdistid}/50unattended-upgrades" ], require => Package['unattended-upgrades'], } -- cgit v1.2.3 From 07266be25546482b021e5ba62cf155b8b0e770be Mon Sep 17 00:00:00 2001 From: varac Date: Sun, 14 Apr 2013 15:06:30 +0200 Subject: fix unattended-upgrades dependency cycle --- manifests/unattended_upgrades.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/unattended_upgrades.pp b/manifests/unattended_upgrades.pp index f74fc81..2f6c2a5 100644 --- a/manifests/unattended_upgrades.pp +++ b/manifests/unattended_upgrades.pp @@ -2,7 +2,7 @@ class apt::unattended_upgrades { package { 'unattended-upgrades': ensure => present, - require => undef, + require => undef } apt_conf { '50unattended-upgrades': -- cgit v1.2.3 From b45052b227b01c955226362ffd9deda9d2bb4103 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Sun, 26 May 2013 14:39:41 -0300 Subject: Updating unattended-upgrades squeeze config as oldstable (2) --- files/Debian/50unattended-upgrades.squeeze | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/files/Debian/50unattended-upgrades.squeeze b/files/Debian/50unattended-upgrades.squeeze index 38da1f4..8f4a926 100644 --- a/files/Debian/50unattended-upgrades.squeeze +++ b/files/Debian/50unattended-upgrades.squeeze @@ -1,9 +1,9 @@ // this file is managed by puppet ! Unattended-Upgrade::Allowed-Origins { - "${distro_id} stable"; - "${distro_id} ${distro_codename}-security"; - "${distro_id} ${distro_codename}-backports"; + "Debian oldstable"; + "Debian-Security oldstable"; + "${distro_id} ${distro_codename}-backports"; }; APT::Periodic::Update-Package-Lists "1"; -- cgit v1.2.3 From 4b2e554f8f3a84433e71955664a71ae8123c0543 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Wed, 29 May 2013 12:51:18 -0300 Subject: Changing 'testing' to 'wheezy' on 50unattended-upgrades.wheezy --- files/Debian/50unattended-upgrades.wheezy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/Debian/50unattended-upgrades.wheezy b/files/Debian/50unattended-upgrades.wheezy index 4463406..0901ad3 100644 --- a/files/Debian/50unattended-upgrades.wheezy +++ b/files/Debian/50unattended-upgrades.wheezy @@ -1,7 +1,7 @@ // this file is managed by puppet ! Unattended-Upgrade::Allowed-Origins { - "${distro_id}:testing"; + "${distro_id}:stable"; "${distro_id}:${distro_codename}-security"; "${distro_id}:${distro_codename}-updates"; "${distro_id} Backports:${distro_codename}-backports"; -- cgit v1.2.3 From 2e3c8fe71cec14411ccee2736f342440a7fedb92 Mon Sep 17 00:00:00 2001 From: Gabriel Filion Date: Fri, 31 May 2013 10:56:23 -0400 Subject: Regression: lost MailOnlyOnError for unattended-upgrades Since only wheezy supports it, let's add it back only for wheezy. Signed-off-by: Gabriel Filion --- files/Debian/50unattended-upgrades.wheezy | 1 + 1 file changed, 1 insertion(+) diff --git a/files/Debian/50unattended-upgrades.wheezy b/files/Debian/50unattended-upgrades.wheezy index 0901ad3..e787bf5 100644 --- a/files/Debian/50unattended-upgrades.wheezy +++ b/files/Debian/50unattended-upgrades.wheezy @@ -12,3 +12,4 @@ APT::Periodic::Download-Upgradeable-Packages "1"; APT::Periodic::Unattended-Upgrade "1"; Unattended-Upgrade::Mail "root"; +Unattended-Upgrade::MailOnlyOnError "true"; -- cgit v1.2.3