From f0c91f753a67436ed517b7bd231ee892a8f6c071 Mon Sep 17 00:00:00 2001
From: david <david@f03ff2f1-f02d-0410-970d-b9634babeaa1>
Date: Mon, 25 Jun 2007 09:50:19 +0000
Subject: modularised apt

git-svn-id: http://club.black.co.at:82/svn/manifests/trunk@58 f03ff2f1-f02d-0410-970d-b9634babeaa1
---
 README                     | 19 ++++++++++
 files/backports.org.key    | 33 +++++++++++++++++
 manifests/init.pp          | 91 ++++++++++++++++++++++++++++++++++++++++++++++
 templates/preferences.erb  |  7 ++++
 templates/sources.list.erb | 14 +++++++
 5 files changed, 164 insertions(+)
 create mode 100644 README
 create mode 100644 files/backports.org.key
 create mode 100644 manifests/init.pp
 create mode 100644 templates/preferences.erb
 create mode 100644 templates/sources.list.erb

diff --git a/README b/README
new file mode 100644
index 0000000..8034a4f
--- /dev/null
+++ b/README
@@ -0,0 +1,19 @@
+Variables:
+	$apt_clean: Sets DSelect::Clean, defaults to 'auto' on normal hosts and
+		'pre-auto' in vservers, since the latter are usually more space-bound and
+		have better recovery mechanisms via the host
+		From apt.conf(5), 0.7.2: "Cache Clean mode; this value may be one of
+			always, prompt, auto, pre-auto and never. always and prompt will
+			remove all packages from the cache after upgrading, prompt (the
+			default) does so conditionally.  auto removes only those packages
+			which are no longer downloadable (replaced with a new version for
+			instance). pre-auto performs this action before downloading new
+			packages."
+
+Provided Resources:
+	File[apt_config]: Use this resource to depend on or add to a completed apt
+		configuration
+	Exec[apt_updated]: After this point, current packages can installed via apt,
+		usually used like this:
+		Package { require => Exec[apt_updated] }
+
diff --git a/files/backports.org.key b/files/backports.org.key
new file mode 100644
index 0000000..6e66404
--- /dev/null
+++ b/files/backports.org.key
@@ -0,0 +1,33 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.3 (GNU/Linux)
+
+mQGiBEMIgw4RBADueqAzlq+rQT9JYSSWnNzo6C+9crI8lzW/fcl2Q3PO97MOQTOx
+Qsf/lOh0Ku7O+VdBa+BwVPuUkSw6wTY5Ku1y/6r1BQzJ9oHkryDDJXsHzKhpdyFc
+/lD4hNGqRkiNg5ulwAI0O1eqffPWDmeR9ZzSsqM40f1U4TNLfPAu1viWxwCgnbWz
+onY6RqSYlRsDQaPsNTwieVEEAJeX2FGgNepD1SvfEremAkWCrYYlSZI76iTIf6bd
+kGkWqIT0vJyE2MNenhDJ2ebbHJVFmL9x8S3m1daC4Zwnacm7aoCY/QgMJ+Js1Fex
+Acev48W9KHgpVbFMd1t8KAwRbmFcQf0C/FZUbE7xScpTxS4z3SsMOuRyfnGpDOi6
+m/SnA/9wpquf3pPwbPykzKWNJEDouiJgt0zaFLauKDPeyTWeJ6htaAPDglArewdq
+bJ9M8QgLFtzjhg/fBQlRRUk7YP4OYtp1OdPkg2D/1rPQNySWlDf21T3N/K8ydKhR
+bYi+AsPuJLQUi3d+lVTFOebaL9felePvDC2/Eod7PSD1/rnkZ7Q0QmFja3BvcnRz
+Lm9yZyBBcmNoaXZlIEtleSA8ZnRwLW1hc3RlckBiYWNrcG9ydHMub3JnPohGBBAR
+AgAGBQJDgImkAAoJEHFe1qB+e4rJ2x4An2oI4xJpDvOx8uDIo9ihG1M0MpUqAJ9S
+cqVUmiyYSPtu8MwcZecy9kmOIYheBBMRAgAeBQJDCIMOAhsDBgsJCAcDAgMVAgMD
+FgIBAh4BAheAAAoJEOqOiyEWuhNsDt4AniaEBvlr4oVFMrGgPiye7iE/jv68AJ48
+OkIfwcKJt7N8ImPAboeimFvWgIheBBMRAgAeBQJDCIMOAhsDBgsJCAcDAgMVAgMD
+FgIBAh4BAheAAAoJEOqOiyEWuhNsDt4AnjdB14rGa/rzz1ohwsi1oEnDRYuyAJ44
+Nv8MTPjOaeEZArQ0flg8OXwF37kCDQRDCIMREAgAzXu6DGSDAz4JH+mlthtiQwNZ
+FU8bjWanGT3DL6zubxwc3ZQmRaMOiVuvJUuaJv8fdGRSvp09dP2/x5mzq2rACiEn
+DwZssNSK5sigxgy2W9zeO9bOtg6bhqZLwlsL8Y2xZhyGL3qGeP4zL1QbXZ1QdJuO
+90Xu7GWYS6Wsj+Y6dUsZFYvTZwSiLkEmgFUTxkNue3DQtZ/KNkwoKc+aqU+S7gDN
+StQDvTNtR6IV11KbKcY1iQ0B2bkh4zShWwloIr83V6huAhfH8GA7UW6saRJAof5D
+JWUb+PRmU2TAOOlyZoM4nMH+sFFDPOeG8fbecwlox5BRTMqcCB5ELbQXoVZT+wAD
+BQf/ffI9R53f9USQkhsSak+k82JjRo9hqKAvPwBv3fDhMYqX3XRmwgNeax2y6Ub0
+AQkDhIC6eJILP5hTb2gjpmYYP7YE/7F1h37lUg7dDYeyPQF54mUXPnIg3uQ/V9HB
+TY+ZW8rsVe1KRvPAuVFU77FfCvIFdLSXVi1HSUcGv9Y7Kk4Tkr7vzKshlcIp6zZr
+O0Y3t/+ekBwTTQqEoUylVYkCSt3z6bjpVWbepkL88rbqJnPueTATw9shjbFYaND8
+cXZox9tQmlOIZ6gDeH1YvFf7ObRLxULm7C6hwik6agtXWkNABVXSxM6MB4hcP9QC
++FEhK6y/7wC3SyNRBuFujDG1aohJBBgRAgAJBQJDCIMRAhsMAAoJEOqOiyEWuhNs
+VVMAoJ1gbL0PHVf7yDwMjO3HuJBErxLdAJ4v9ojJnvJu2yUl4W586soBm+wsLg==
+=fBrI
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/manifests/init.pp b/manifests/init.pp
new file mode 100644
index 0000000..c9e61bc
--- /dev/null
+++ b/manifests/init.pp
@@ -0,0 +1,91 @@
+# apt.pp - common components and defaults for handling apt
+# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
+# See LICENSE for the full license granted to you.
+#
+# With hints from
+#  Micah Anderson <micah@riseup.net>
+#  * backports key
+
+class apt {
+
+	# See README
+	$real_apt_clean = $apt_clean ? {
+		'' => 'auto',
+		default => $apt_clean,
+	}
+
+	# a few templates need lsbdistcodename
+	include assert_lsbdistcodename
+
+	config_file {
+		# include main, security and backports
+		# additional sources could be included via an array
+		"/etc/apt/sources.list":
+			content => template("apt/sources.list.erb"),
+			require => Exec[assert_lsbdistcodename];
+		# this just pins unstable and testing to very low values
+		"/etc/apt/preferences":
+			content => template("apt/preferences.erb"),
+			# use File[apt_config] to reference a completed configuration
+			# See "The Puppet Semaphor" 2007-06-25 on the puppet-users ML
+			alias => apt_config,
+			# only update together
+			require => File["/etc/apt/sources.list"];
+		# little default settings which keep the system sane
+		"/etc/apt/apt.conf.d/from_puppet":
+			content => "APT::Get::Show-Upgraded true;\nDSelect::Clean $real_apt_clean;\n",
+			before => File[apt_config];
+	}
+
+	$base_dir = "/var/lib/puppet/modules/apt"
+	file {
+		# remove my legacy files
+		[ "/etc/apt/backports.key", "/etc/apt/apt.conf.d/local-conf" ]:
+			ensure => removed;
+		# create new modules dir
+		$base_dir: ensure => directory;
+		# watch apt.conf.d
+		"/etc/apt/apt.conf.d": ensure => directory, checksum => mtime;
+	}
+
+	# suppress annoying help texts of dselect
+	line { dselect_expert:
+		file => "/etc/dpkg/dselect.cfg",
+		line => "expert",
+		ensure => present,
+	}
+
+	exec {
+		"/usr/bin/apt-get -y update #on refresh":
+			refreshonly => true,
+			subscribe => [ File["/etc/apt/sources.list"],
+				File["/etc/apt/preferences"], File["/etc/apt/apt.conf.d"],
+				File[apt_config] ];
+		"/usr/bin/apt-get -y update && /usr/bin/apt-get autoclean #hourly":
+			require => [ File["/etc/apt/sources.list"],
+				File["/etc/apt/preferences"], File[apt_config] ],
+			# Another Semaphor for all packages to reference
+			alias => apt_updated;
+	}
+
+	case $lsbdistcodename {
+		etch: {
+			## This package should really always be current
+			package { "debian-archive-keyring": ensure => latest, }
+
+			# This key was downloaded from
+			# http://backports.org/debian/archive.key
+			# and is needed to verify the backports
+			file { "${base_dir}/backports.org.key":
+				source => "puppet://$servername/apt/backports.org.key",
+				mode => 0444, owner => root, group => root,
+				before => File[apt_config],
+			}
+			exec { "/usr/bin/apt-key add ${base_dir}/backports.org.key":
+				refreshonly => true,
+				subscribe => File["${base_dir}/backports.org.key"],
+				before => File[apt_config],
+			}
+		}
+	}
+}
diff --git a/templates/preferences.erb b/templates/preferences.erb
new file mode 100644
index 0000000..ac71582
--- /dev/null
+++ b/templates/preferences.erb
@@ -0,0 +1,7 @@
+Package: *
+Pin: release a=unstable
+Pin-Priority: 1
+
+Package: *
+Pin: release a=testing
+Pin-Priority: 2
diff --git a/templates/sources.list.erb b/templates/sources.list.erb
new file mode 100644
index 0000000..a3880c5
--- /dev/null
+++ b/templates/sources.list.erb
@@ -0,0 +1,14 @@
+# This file is brought to you by puppet
+
+# basic <%= dv %>
+deb http://ftp.at.debian.org/debian <%= dv %> main
+# security suppport
+deb http://security.debian.org/ <%= dv %>/updates main
+# local packages
+#deb http://puppetmaster:81/ /
+
+# additional packages, see preferences
+#deb http://ftp.at.debian.org/debian sid main
+
+# backports
+deb http://www.backports.org/debian/ <%= dv %>-backports main
-- 
cgit v1.2.3