From 2ee70ab5e08eadfe750b5b7131b258270cbca402 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Dec 2010 12:20:14 -0500 Subject: Set dselect DSelect::Clean to 'pre-auto' by default for hosts that are vservers. Before you only had the choice of setting a 03clean apt configuration for either all hosts, or every single host. Setting it to have the recommended settings for vservers for all hosts meant that you were setting it for non-vservers as well as vservers. The other option you had was to set it per host. This was a bit annoying if you have any more than one vserver because you would need to create a 03clean for every single vserver guest. This change auto-detects if the node is a vserver, and if it is it automatically installs the 03clean_vserver file, with the recommended DSelect::Clean settings, and allows you to override this for all of your vservers, or for specific hosts. --- README | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) (limited to 'README') diff --git a/README b/README index 4c5e727..8118d3c 100644 --- a/README +++ b/README @@ -20,10 +20,10 @@ This module needs: - lsb-release installed - the common module: git://labs.riseup.net/shared-common -By default, this module sets the configuration option DSelect::Clean to 'auto'. -It is the recommended value on normal hosts. On virtual servers, the -recommended value is 'pre-auto', since virtual servers are usually more -space-bound and have better recovery mechanisms via the host: +By default, on normal hosts, this module sets the configuration option +DSelect::Clean to 'auto'. On virtual servers, the value is set by default to +'pre-auto', because virtual servers are usually more space-bound and have better +recovery mechanisms via the host: From apt.conf(5), 0.7.2: "Cache Clean mode; this value may be one of always, prompt, auto, @@ -35,10 +35,11 @@ From apt.conf(5), 0.7.2: packages." To change the default setting for DSelect::Clean, you can create a file named -"03clean" in a site-apt module's files directory. You can also define this for -a specific host by creating a file in a subdirectory of the site-apt modules' -files directory that is named the same as the host. (example: -site-apt/files/some.host.com/03clean) +"03clean" or "03clean_vserver" in your site-apt module's files directory. You +can also define this for a specific host by creating a file in a subdirectory of +the site-apt modules' files directory that is named the same as the +host. (example: site-apt/files/some.host.com/03clean, or +site-apt/files/some.host.com/03clean_vserver) Variables ========= -- cgit v1.2.3 From 7e1a187f243d64073f660ba8928896e7a1d81db3 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Dec 2010 13:39:54 -0500 Subject: README update: clarify the site-apt preferences options The README described a few things that were not true relating to the apt/preferences file. First of all it said you could ship a 'file', but preferences.pp very clearly uses the 'content => $custom_preferences' parameter, which will not take file sources, only templates. Secondly, it seemed to imply that you could just drop the custom preferences into your site-apt and it would work. But you actually need to set the $custom_preferences to indicate the content source. Lastly, it said that you could specify a host-specific file in the site-apt module, but there is no facility for this (nor can you use files). Perhaps this is where this module is going eventually, once we have a preferences.d possibility? Until then, it makes more sense to have it reflect the current situation. --- README | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) (limited to 'README') diff --git a/README b/README index 8118d3c..97a398b 100644 --- a/README +++ b/README @@ -75,15 +75,9 @@ installation will not accidentally pull in packages from those suites unless you explicitly specify the version number. This file will be complemented with all of the preferences_snippet calls (see below). -If the default preferences template doesn't suit your needs, you can -create a file named 'preferences' in a site-apt module's files -directory. You can also create a host-specific file: - - site-apt - - files/ - - server.domain.com/ - - preferences - preferences +If the default preferences template doesn't suit your needs, you can create a +template located in your site-apt module, and set $custom_preferences with the +location (eg. $custom_preferences = "puppet:///modules/site-apt/preferences") Setting this variable to false before including this class will force the apt/preferences file to be absent: -- cgit v1.2.3 From b59bdb0a89bad0a83bda141aa19213b760e6896c Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Dec 2010 13:44:30 -0500 Subject: README update: clarify that the debian-archive-keyring is managed already Just so people are clear that they do not need to specify a $custom_key_dir to manage the debian archive keyring, I've added some clarifying text so you know that this is not necessary --- README | 3 +++ 1 file changed, 3 insertions(+) (limited to 'README') diff --git a/README b/README index 97a398b..b448859 100644 --- a/README +++ b/README @@ -92,6 +92,9 @@ apt keyring, you can set this variable to a path in your fileserver where individual key files can be placed. If this is set and keys exist there, this module will 'apt-key add' each key. +The debian-archive-keyring package is installed and kept current up to the +latest revision (this includes the backports archive keyring). + $apt_proxy / $apt_proxy_port ---------------------------- -- cgit v1.2.3 From 1c1ed0e352c69296ac2681246de24875572cd534 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Dec 2010 13:53:01 -0500 Subject: README update: minor typo fix --- README | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'README') diff --git a/README b/README index b448859..406266a 100644 --- a/README +++ b/README @@ -159,7 +159,7 @@ apt --- The apt class sets up most of the documented functionality. To use -functionality that is not enabled by default, you must inlucde one of +functionality that is not enabled by default, you must include one of the following classes. apt::cron::download -- cgit v1.2.3 From dd0552dce13f123dc05c5600232216f905c70f7b Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Dec 2010 23:03:15 -0500 Subject: update apt::preseeded_package template sources to use $lsbdistcodename instead of $debian_release, also expand it to allow for site-apt sources --- README | 8 ++++---- manifests/preseeded_package.pp | 4 +++- 2 files changed, 7 insertions(+), 5 deletions(-) (limited to 'README') diff --git a/README b/README index 406266a..7abb1ea 100644 --- a/README +++ b/README @@ -226,10 +226,10 @@ apt::preseeded_package ---------------------- This simplifies installation of packages for which you wish to preseed the -answers to debconf. For example, if you wish to provide a preseed file -for the locales package, you would place the locales.seed file in -'templates/$debian_version/locales.seeds' and then include the following -in your manifest: +answers to debconf. For example, if you wish to provide a preseed file for the +locales package, you would place the locales.seed file in +'site-apt/templates/$lsbdistcodename/locales.seeds' and then include the +following in your manifest: apt::preseeded_package { locales: } diff --git a/manifests/preseeded_package.pp b/manifests/preseeded_package.pp index 8f3bcbd..74aafa5 100644 --- a/manifests/preseeded_package.pp +++ b/manifests/preseeded_package.pp @@ -1,7 +1,9 @@ define apt::preseeded_package ($content = "", $ensure = "installed") { $seedfile = "/var/cache/local/preseeding/$name.seeds" $real_content = $content ? { - "" => template ( "$name.seeds", "$debian_version/$name.seeds" ), + "" => template ( "site-apt/$name.seeds", + "site-apt/$lsbdistcodename/$name.seeds", + "$name.seeds", "$lsbdistcodename/$name.seeds" ), default => $content } -- cgit v1.2.3 From 36c4873f87af74ba1ab9f780db2992c788ef925f Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Dec 2010 23:57:25 -0500 Subject: multiple sources for templates are not allowed (see #1818), so revert it to a single source referenced by the README, and clarify the README to indicate how you can pass the preseed contents directly --- README | 8 ++++---- manifests/preseeded_package.pp | 4 +--- 2 files changed, 5 insertions(+), 7 deletions(-) (limited to 'README') diff --git a/README b/README index 7abb1ea..109c92a 100644 --- a/README +++ b/README @@ -233,11 +233,11 @@ following in your manifest: apt::preseeded_package { locales: } -You can also specify 'content' to define this file via a template. Here's an -example for preseeding installation of the 'mysql' package with a template: +You can also specify the content of the seed via the content parameter, +for example: - apt::preseeded_package { "mysql": - content => template("site-apt/mysql.seed.erb"), + apt::preseeded_package { "apticron": + content => "apticron apticron/notification string root@example.com", } apt::sources_list diff --git a/manifests/preseeded_package.pp b/manifests/preseeded_package.pp index 74aafa5..42c6200 100644 --- a/manifests/preseeded_package.pp +++ b/manifests/preseeded_package.pp @@ -1,9 +1,7 @@ define apt::preseeded_package ($content = "", $ensure = "installed") { $seedfile = "/var/cache/local/preseeding/$name.seeds" $real_content = $content ? { - "" => template ( "site-apt/$name.seeds", - "site-apt/$lsbdistcodename/$name.seeds", - "$name.seeds", "$lsbdistcodename/$name.seeds" ), + "" => template ( "site-apt/$lsbdistcodename/$name.seeds" ) default => $content } -- cgit v1.2.3 From fbb291ed19eeb9a64d4aed78c48d221315da7866 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 8 Dec 2010 22:24:24 -0500 Subject: add apticron support. Why apticron, when we have cron-apt already? Some people have different preferences, we use apticron along with the upgrade_package functionality in this module. I know someone who uses cron-apt to run the upgrades, but apticron for notifications, because apticron's notifications are much nicer (cron-apt just gives you the output of apt-get upgrade) --- README | 18 +++++++++ manifests/apticron.pp | 54 +++++++++++++++++++++++++ templates/Debian/apticron_lenny.erb | 46 +++++++++++++++++++++ templates/Debian/apticron_squeeze.erb | 75 +++++++++++++++++++++++++++++++++++ 4 files changed, 193 insertions(+) create mode 100644 manifests/apticron.pp create mode 100644 templates/Debian/apticron_lenny.erb create mode 100644 templates/Debian/apticron_squeeze.erb (limited to 'README') diff --git a/README b/README index 109c92a..355379b 100644 --- a/README +++ b/README @@ -162,6 +162,24 @@ The apt class sets up most of the documented functionality. To use functionality that is not enabled by default, you must include one of the following classes. +apt::apticron +------------- + +When you include this class, apticron will be installed, with the following +defaults, which you are free to change before you include the class: + + $apticron_ensure_version = "present" + $apticron_email = "root" + $apticron_config = "apt/${operatingsystem}/apticron_${lsbrelease}.erb" + $apticron_diff_only = "1" + $apticron_listchanges_profile = "apticron" + $apticron_system = false + $apticron_ipaddressnum = false + $apticron_ipaddresses = false + $apticron_notifyholds = "0" + $apticron_notifynew = "0" + $apticron_customsubject = "" + apt::cron::download ------------------- diff --git a/manifests/apticron.pp b/manifests/apticron.pp new file mode 100644 index 0000000..7f834a5 --- /dev/null +++ b/manifests/apticron.pp @@ -0,0 +1,54 @@ +class apt::apticron { + + case $apticron_ensure_version { + '': { $apticron_ensure_version = "present" } + } + + case $apticron_config { + '': { $apticron_config = "apt/${operatingsystem}/apticron_${lsbrelease}.erb" } + } + + case $apticron_email { + '': { $apticron_email = "root" } + } + + case $apticron_diff_only { + '': { $apticron_diff_only = "1" } + } + + case $apticron_listchanges_profile { + '': { $apticron_listchanges_profile = "apticron" } + } + + case $apticron_system { + '': { $apticron_system = false } + } + + case $apticron_ipaddressnum { + '': { $apticron_ipaddressnum = false } + } + + case $apticron_ipaddresses { + '': { $apticron_ipaddresses = false } + } + + case $apticron_notifyholds { + '': { $apticron_notifyholds = "0" } + } + + case $apticron_notifynew { + '': { $apticron_notifynew = "0" } + } + + case $apticron_customsubject { + '': { $apticron_customsubject = "" } + } + + package { apticron: ensure => $apticron_ensure_version } + + file { "/etc/apticron/apticron.conf": + content => template($apticron_config), + mode => 0644, owner => root, group => root, + require => Package["apticron"]; + } +} diff --git a/templates/Debian/apticron_lenny.erb b/templates/Debian/apticron_lenny.erb new file mode 100644 index 0000000..9505633 --- /dev/null +++ b/templates/Debian/apticron_lenny.erb @@ -0,0 +1,46 @@ +# apticron.conf +# +# set EMAIL to a list of addresses which will be notified of impending updates +# +EMAIL="<%= apticron_email %>" + +# +# Set DIFF_ONLY to "1" to only output the difference of the current run +# compared to the last run (ie. only new upgrades since the last run). If there +# are no differences, no output/email will be generated. By default, apticron +# will output everything that needs to be upgraded. +# +DIFF_ONLY="<%= apticron_diff_only %>" + +# +# Set LISTCHANGES_PROFILE if you would like apticron to invoke apt-listchanges +# with the --profile option. You should add a corresponding profile to +# /etc/apt/listchanges.conf +# +LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" + +# +# Set SYSTEM if you would like apticron to use something other than the output +# of "hostname -f" for the system name in the mails it generates +# +# SYSTEM="foobar.example.com" +<%- if has_variable?(apticron_system) and instance_variable_get("@#{apticron_system}").to_s != "false" -%> +<%= 'SYSTEM="' + instance_variable_get("@#{apticron_system}").to_s + '"' %> + +# +# Set IPADDRESSNUM if you would like to configure the maximal number of IP +# addresses apticron displays. The default is to display 1 address of each +# family type (inet, inet6), if available. +# +# IPADDRESSNUM="1" +<%- if has_variable?(apticron_ipaddressnum) and instance_variable_get("@#{apticron_ipaddressnum}").to_s != "false" -%> +<%= 'IPADDRESSNUM="' + instance_variable_get("@#{apticron_ipaddressnum}").to_s + '"' %> + +# +# Set IPADDRESSES to a whitespace seperated list of reachable addresses for +# this system. By default, apticron will try to work these out using the +# "ip" command +# +# IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1" +<%- if has_variable?(apticron_ipaddresses) and instance_variable_get("@#{apticron_ipaddresses}").to_s != "false" -%> +<%= 'IPADDRESSES="' + instance_variable_get("@#{apticron_ipaddresses}").to_s + '"' %> diff --git a/templates/Debian/apticron_squeeze.erb b/templates/Debian/apticron_squeeze.erb new file mode 100644 index 0000000..274f14d --- /dev/null +++ b/templates/Debian/apticron_squeeze.erb @@ -0,0 +1,75 @@ +# apticron.conf +# +# set EMAIL to a space separated list of addresses which will be notified of +# impending updates +# +EMAIL="<%= apticron_email %>" + +# +# Set DIFF_ONLY to "1" to only output the difference of the current run +# compared to the last run (ie. only new upgrades since the last run). If there +# are no differences, no output/email will be generated. By default, apticron +# will output everything that needs to be upgraded. +# +DIFF_ONLY="<%= apticron_diff_only %>" + +# +# Set LISTCHANGES_PROFILE if you would like apticron to invoke apt-listchanges +# with the --profile option. You should add a corresponding profile to +# /etc/apt/listchanges.conf +# +LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" + +# +# Set SYSTEM if you would like apticron to use something other than the output +# of "hostname -f" for the system name in the mails it generates +# +# SYSTEM="foobar.example.com" +<%- if has_variable?(apticron_system) and instance_variable_get("@#{apticron_system}").to_s != "false" -%> +<%= 'SYSTEM="' + instance_variable_get("@#{apticron_system}").to_s + '"' %> + +# +# Set IPADDRESSNUM if you would like to configure the maximal number of IP +# addresses apticron displays. The default is to display 1 address of each +# family type (inet, inet6), if available. +# +# IPADDRESSNUM="1" +<%- if has_variable?(apticron_ipaddressnum) and instance_variable_get("@#{apticron_ipaddressnum}").to_s != "false" -%> +<%= 'IPADDRESSNUM="' + instance_variable_get("@#{apticron_ipaddressnum}").to_s + '"' %> + +# +# Set IPADDRESSES to a whitespace separated list of reachable addresses for +# this system. By default, apticron will try to work these out using the +# "ip" command +# +# IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1" +<%- if has_variable?(apticron_ipaddresses) and instance_variable_get("@#{apticron_ipaddresses}").to_s != "false" -%> +<%= 'IPADDRESSES="' + instance_variable_get("@#{apticron_ipaddresses}").to_s + '"' %> + +# +# Set NOTIFY_HOLDS="0" if you don't want to be notified about new versions of +# packages on hold in your system. The default behavior is downloading and +# listing them as any other package. +# +# NOTIFY_HOLDS="0" +NOTIFY_HOLDS="<%= apticron_notifyholds %>" + +# +# Set NOTIFY_NEW="0" if you don't want to be notified about packages which +# are not installed in your system. Yes, it's possible! There are some issues +# related to systems which have mixed stable/unstable sources. In these cases +# apt-get will consider for example that packages with "Priority: +# required"/"Essential: yes" in unstable but not in stable should be installed, +# so they will be listed in dist-upgrade output. Please take a look at +# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531002#44 +# +# NOTIFY_NEW="0" +NOTIFY_NEW="<%= apticron_notifynew %>" + +# +# Set CUSTOM_SUBJECT if you want to replace the default subject used in +# the notification e-mails. This may help filtering/sorting client-side e-mail. +# +# CUSTOM_SUBJECT="" +CUSTOM_SUBJECT="<%= apticron_customsubject %>" + -- cgit v1.2.3 From 13bf7d0623fceb3b97cc90f0a9a9dcd8afdb03e8 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 8 Dec 2010 22:25:09 -0500 Subject: add apt-listchanges support. this is a nice compliment to using the upgrade_package functionality, because you get an email when the package has been upgraded. --- README | 13 +++++++++++ manifests/listchanges.pp | 38 ++++++++++++++++++++++++++++++++ templates/Debian/listchanges_lenny.erb | 7 ++++++ templates/Debian/listchanges_squeeze.erb | 1 + 4 files changed, 59 insertions(+) create mode 100644 manifests/listchanges.pp create mode 100644 templates/Debian/listchanges_lenny.erb create mode 120000 templates/Debian/listchanges_squeeze.erb (limited to 'README') diff --git a/README b/README index 355379b..f171e8c 100644 --- a/README +++ b/README @@ -198,6 +198,19 @@ apt::dselect This class, when included, installs dselect and switches it to expert mode to suppress superfluous help screens. +apt::listchanges + +This class, when included, installs apt-listchanges and configures it using the +following variables, the defaults are below: + + $listchanges_version = "present" + $listchanges_config = "apt/${operatingsystem}/listchanges_${lsbrelease}.erb" + $listchanges_frontend = "pager" + $listchanges_email = "root" + $listchanges_confirm = "0" + $listchanges_saveseen = "/var/lib/apt/listchanges.db" + $listchanges_which = "both" + apt::proxy_client ----------------- diff --git a/manifests/listchanges.pp b/manifests/listchanges.pp new file mode 100644 index 0000000..3b886bf --- /dev/null +++ b/manifests/listchanges.pp @@ -0,0 +1,38 @@ +class apt::listchanges { + + case $listchanges_version { + '': { $listchanges_version = "present" } + } + + case $listchanges_config { + '': { $listchanges_config = "apt/${operatingsystem}/listchanges_${lsbrelease}.erb" } + } + + case $listchanges_frontend { + '' { $listchanges_frontend = "pager" } + } + + case $listchanges_email { + '': { $listchanges_email = "root" } + } + + case $listchanges_confirm { + '': { $listchanges_confirm = "0" } + } + + case $listchanges_saveseen { + '': { $listchanges_saveseen = "/var/lib/apt/listchanges.db" } + } + + case $listchanges_which { + '': { $listchanges_which = "both" } + } + + package { apt-listchanges: ensure => $listchanges_ensure_version } + + file { "/etc/apt/listchanges.conf": + content => template($listchanges_config), + mode => 0644, owner => root, group => root, + require => Package["apt-listchanges"]; + } +} diff --git a/templates/Debian/listchanges_lenny.erb b/templates/Debian/listchanges_lenny.erb new file mode 100644 index 0000000..fec3b68 --- /dev/null +++ b/templates/Debian/listchanges_lenny.erb @@ -0,0 +1,7 @@ +[apt] +frontend=<%= listchanges_frontend %> +email_address=<%= listchanges_email %> +confirm=<%= listchanges_confirm %> +save_seen=<%= listchanges_saveseen %> +which=<%= listchanges_which %> + diff --git a/templates/Debian/listchanges_squeeze.erb b/templates/Debian/listchanges_squeeze.erb new file mode 120000 index 0000000..74ab496 --- /dev/null +++ b/templates/Debian/listchanges_squeeze.erb @@ -0,0 +1 @@ +listchanges_lenny.erb \ No newline at end of file -- cgit v1.2.3 From ab3a5294cf0ea0cf2ad233e04bf13f7631f9454c Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 9 Dec 2010 09:51:00 -0500 Subject: removed bit from README that is no longer true --- README | 4 ---- 1 file changed, 4 deletions(-) (limited to 'README') diff --git a/README b/README index f171e8c..7c747a1 100644 --- a/README +++ b/README @@ -325,10 +325,6 @@ Package { require => Exec[apt_updated] } TODO ==== -Currently this module updates the caches on every run. Running apt-get update is -an expensive operation and should be done only on schedule by using -apticron or cron-apt. - Sometimes -- especially when initially starting management or deploying new packages -- a immediate update is really needed to be able to install the right packages without errors. Thus a method should be devised to be able to specify -- cgit v1.2.3