From 92e35992ca6e3e4054ac928fe4c266ba967503dc Mon Sep 17 00:00:00 2001 From: nadir Date: Thu, 8 Nov 2012 10:07:38 +0100 Subject: added $apt_disable_update to disable "apt-get update" during puppetruns --- manifests/dist_upgrade.pp | 2 +- manifests/init.pp | 5 +++++ manifests/upgrade_package.pp | 13 ++++++++----- 3 files changed, 14 insertions(+), 6 deletions(-) (limited to 'manifests') diff --git a/manifests/dist_upgrade.pp b/manifests/dist_upgrade.pp index 9e26769..347ccc7 100644 --- a/manifests/dist_upgrade.pp +++ b/manifests/dist_upgrade.pp @@ -1,6 +1,6 @@ class apt::dist_upgrade { - include apt::update + if $apt::disable_update = false { include apt::update } exec { 'apt_dist-upgrade': command => "/usr/bin/apt-get -q -y -o 'DPkg::Options::=--force-confold' dist-upgrade", diff --git a/manifests/init.pp b/manifests/init.pp index 2ae691f..794347f 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -40,6 +40,11 @@ class apt { '' => 'http://archive.ubuntu.com/ubuntu', default => "${apt_ubuntu_url}", } + $disable_update = $apt_disable_update ? { + '' => false, + default => $apt_disable_update + } + case $operatingsystem { 'debian': { $repos = $apt_repos ? { diff --git a/manifests/upgrade_package.pp b/manifests/upgrade_package.pp index 9202624..2ce6932 100644 --- a/manifests/upgrade_package.pp +++ b/manifests/upgrade_package.pp @@ -1,6 +1,8 @@ define apt::upgrade_package ($version = "") { - include apt::update + if $apt::disable_update == false { + include apt::update + } $version_suffix = $version ? { '' => '', @@ -24,10 +26,11 @@ define apt::upgrade_package ($version = "") { exec { "apt-get -q -y -o 'DPkg::Options::=--force-confold' install ${name}${version_suffix}": onlyif => [ "grep-status -F Status installed -a -P $name -q", "apt-show-versions -u $name | grep -q upgradeable" ], - require => [ - Exec['apt_updated'], - Package['apt-show-versions', 'dctrl-tools'], - ], + require => $apt::disable_update ? { + true => Package['apt-show-versions', 'dctrl-tools'], + default => [ Exec['apt_updated'], + Package['apt-show-versions', 'dctrl-tools'] ], + } } } -- cgit v1.2.3 From f16a0727dce187d07389388da8b816f7b520205d Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 1 Feb 2013 11:01:23 +0100 Subject: Install unattended-upgrades after Exec[refresh_apt] Before, including apt::unattended_upgrades on a host without the unattended-upgrades package would fail on the first run, because the module tries to install the package before apt is finally configured. This commit does: - introduce the option $refresh_apt for apt::apt_conf (Defaults to true). Can be used to not trigger Exec['refresh_apt'] - install the unattended-upgrades package after a final Exec['refresh_apt']. To not run into a loop, it calls Apt_conf['50unattended-upgrades'] with the option refresh_apt => false, which is also not needed for the configuration --- manifests/apt_conf.pp | 11 +++++++++-- manifests/unattended_upgrades.pp | 19 ++++++++++++------- 2 files changed, 21 insertions(+), 9 deletions(-) (limited to 'manifests') diff --git a/manifests/apt_conf.pp b/manifests/apt_conf.pp index d78fb9b..f446c69 100644 --- a/manifests/apt_conf.pp +++ b/manifests/apt_conf.pp @@ -1,7 +1,8 @@ define apt::apt_conf( $ensure = 'present', $source = '', - $content = undef ) + $content = undef, + $refresh_apt = true ) { if $source == '' and $content == undef { @@ -22,7 +23,6 @@ define apt::apt_conf( owner => root, group => 0, mode => '0644', - notify => Exec['refresh_apt'], } if $source { @@ -35,4 +35,11 @@ define apt::apt_conf( content => $content, } } + + if $refresh_apt { + File["/etc/apt/apt.conf.d/${name}"] { + notify => Exec['refresh_apt'], + } + } + } diff --git a/manifests/unattended_upgrades.pp b/manifests/unattended_upgrades.pp index c538831..b9d19c3 100644 --- a/manifests/unattended_upgrades.pp +++ b/manifests/unattended_upgrades.pp @@ -2,16 +2,21 @@ class apt::unattended_upgrades { package { 'unattended-upgrades': ensure => present, - require => undef, + require => Exec[refresh_apt] } apt_conf { '50unattended-upgrades': - source => [ - "puppet:///modules/site_apt/${::lsbdistcodename}/50unattended-upgrades", - 'puppet:///modules/site_apt/50unattended-upgrades', - "puppet:///modules/apt/${::lsbdistcodename}/50unattended-upgrades", - 'puppet:///modules/apt/50unattended-upgrades' ], - require => Package['unattended-upgrades'], + source => [ + "puppet:///modules/site_apt/${::lsbdistcodename}/50unattended-upgrades", + 'puppet:///modules/site_apt/50unattended-upgrades', + "puppet:///modules/apt/${::lsbdistcodename}/50unattended-upgrades", + 'puppet:///modules/apt/50unattended-upgrades' ], + require => Package['unattended-upgrades'], + refresh_apt => false + } + + Apt_conf['50unattended-upgrades'] { + notify => undef } if $apt::custom_preferences != false { -- cgit v1.2.3 From c8a28eb80ec87e65d5cacb2d109d4c0bcbbc76db Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 14 Mar 2013 20:01:35 +0100 Subject: apt keys: always deploy before Exec[refresh_apt], also with $custom_preferences --- manifests/init.pp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'manifests') diff --git a/manifests/init.pp b/manifests/init.pp index 020c1cc..0f60efb 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -128,7 +128,11 @@ class apt( } if $custom_preferences != false { Exec['custom_keys'] { - before => File['apt_config'], + before => [ Exec[refresh_apt], File['apt_config'] ] + } + } else { + Exec['custom_keys'] { + before => Exec[refresh_apt] } } } -- cgit v1.2.3 From 7e8113b3fcf6f251ca9d5e2f39f43fd024058c97 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 14 Mar 2013 22:19:33 +0100 Subject: deploy /etc/apt/preferences before File['apt_config'] --- manifests/preferences.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'manifests') diff --git a/manifests/preferences.pp b/manifests/preferences.pp index 9ed24c1..5cfaff2 100644 --- a/manifests/preferences.pp +++ b/manifests/preferences.pp @@ -14,7 +14,8 @@ class apt::preferences { # only update together content => $pref_contents, require => File['/etc/apt/sources.list'], - owner => root, group => 0, mode => '0644'; + owner => root, group => 0, mode => '0644', + before => File['apt_config']; } } -- cgit v1.2.3 From 6bf7a6ab5d6e63f75c94f49aa0f12959e954efa8 Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 15 Mar 2013 20:28:25 +0100 Subject: Revert "deploy /etc/apt/preferences before File['apt_config']" This reverts commit 7e8113b3fcf6f251ca9d5e2f39f43fd024058c97. see https://leap.se/code/issues/1990 for the miserious details. --- manifests/preferences.pp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'manifests') diff --git a/manifests/preferences.pp b/manifests/preferences.pp index 5cfaff2..9ed24c1 100644 --- a/manifests/preferences.pp +++ b/manifests/preferences.pp @@ -14,8 +14,7 @@ class apt::preferences { # only update together content => $pref_contents, require => File['/etc/apt/sources.list'], - owner => root, group => 0, mode => '0644', - before => File['apt_config']; + owner => root, group => 0, mode => '0644'; } } -- cgit v1.2.3 From 355372f31cc93ea975c89dc2977d942ee048fe9d Mon Sep 17 00:00:00 2001 From: varac Date: Sun, 14 Apr 2013 14:54:10 +0200 Subject: using distribution sprecific files again --- files/50unattended-upgrades | 20 -------------------- files/Debian/50unattended-upgrades | 14 ++++++++++++++ files/Debian/50unattended-upgrades.lenny | 13 +++++++++++++ files/Debian/50unattended-upgrades.squeeze | 13 +++++++++++++ files/Debian/50unattended-upgrades.wheezy | 14 ++++++++++++++ files/Ubuntu/50unattended-upgrades | 16 ++++++++++++++++ files/lenny/50unattended-upgrades | 13 ------------- files/squeeze/50unattended-upgrades | 14 -------------- manifests/unattended_upgrades.pp | 8 ++++---- 9 files changed, 74 insertions(+), 51 deletions(-) delete mode 100644 files/50unattended-upgrades create mode 100644 files/Debian/50unattended-upgrades create mode 100644 files/Debian/50unattended-upgrades.lenny create mode 100644 files/Debian/50unattended-upgrades.squeeze create mode 100644 files/Debian/50unattended-upgrades.wheezy create mode 100644 files/Ubuntu/50unattended-upgrades delete mode 100644 files/lenny/50unattended-upgrades delete mode 100644 files/squeeze/50unattended-upgrades (limited to 'manifests') diff --git a/files/50unattended-upgrades b/files/50unattended-upgrades deleted file mode 100644 index 329c95c..0000000 --- a/files/50unattended-upgrades +++ /dev/null @@ -1,20 +0,0 @@ -// this file is managed by puppet ! - -Unattended-Upgrade::Origins-Pattern { - // Debian - "${distro_id} ${distro_codename}"; - "${distro_id} ${distro_codename}-updates"; - "${distro_id} ${distro_codename}-security"; - "${distro_id} Backports:${distro_codename}-backports"; - // Ubuntu specific - "${distro_id} ${distro_codename}-security"; - "${distro_id} ${distro_codename}-backports"; - "${distro_id} ${distro_codename}-proposed"; -}; - -APT::Periodic::Update-Package-Lists "1"; -APT::Periodic::Download-Upgradeable-Packages "1"; -APT::Periodic::Unattended-Upgrade "1"; - -Unattended-Upgrade::Mail "root"; -Unattended-Upgrade::MailOnlyOnError "true"; diff --git a/files/Debian/50unattended-upgrades b/files/Debian/50unattended-upgrades new file mode 100644 index 0000000..0901ad3 --- /dev/null +++ b/files/Debian/50unattended-upgrades @@ -0,0 +1,14 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "${distro_id}:stable"; + "${distro_id}:${distro_codename}-security"; + "${distro_id}:${distro_codename}-updates"; + "${distro_id} Backports:${distro_codename}-backports"; +}; + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + +Unattended-Upgrade::Mail "root"; diff --git a/files/Debian/50unattended-upgrades.lenny b/files/Debian/50unattended-upgrades.lenny new file mode 100644 index 0000000..d55bb29 --- /dev/null +++ b/files/Debian/50unattended-upgrades.lenny @@ -0,0 +1,13 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "Debian oldstable"; + "Debian-Security oldstable"; +}; + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + +Unattended-Upgrade::Mail "root"; + diff --git a/files/Debian/50unattended-upgrades.squeeze b/files/Debian/50unattended-upgrades.squeeze new file mode 100644 index 0000000..38da1f4 --- /dev/null +++ b/files/Debian/50unattended-upgrades.squeeze @@ -0,0 +1,13 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "${distro_id} stable"; + "${distro_id} ${distro_codename}-security"; + "${distro_id} ${distro_codename}-backports"; +}; + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + +Unattended-Upgrade::Mail "root"; diff --git a/files/Debian/50unattended-upgrades.wheezy b/files/Debian/50unattended-upgrades.wheezy new file mode 100644 index 0000000..4463406 --- /dev/null +++ b/files/Debian/50unattended-upgrades.wheezy @@ -0,0 +1,14 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "${distro_id}:testing"; + "${distro_id}:${distro_codename}-security"; + "${distro_id}:${distro_codename}-updates"; + "${distro_id} Backports:${distro_codename}-backports"; +}; + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + +Unattended-Upgrade::Mail "root"; diff --git a/files/Ubuntu/50unattended-upgrades b/files/Ubuntu/50unattended-upgrades new file mode 100644 index 0000000..25c7758 --- /dev/null +++ b/files/Ubuntu/50unattended-upgrades @@ -0,0 +1,16 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "${distro_id}:${distro_codename}-security"; + "${distro_id}:${distro_codename}-updates"; + "${distro_id}:${distro_codename}-backports"; + //"${distro_id}:${distro_codename}-proposed"; +}; + + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + +Unattended-Upgrade::Mail "root"; +Unattended-Upgrade::MailOnlyOnError "true"; diff --git a/files/lenny/50unattended-upgrades b/files/lenny/50unattended-upgrades deleted file mode 100644 index d55bb29..0000000 --- a/files/lenny/50unattended-upgrades +++ /dev/null @@ -1,13 +0,0 @@ -// this file is managed by puppet ! - -Unattended-Upgrade::Allowed-Origins { - "Debian oldstable"; - "Debian-Security oldstable"; -}; - -APT::Periodic::Update-Package-Lists "1"; -APT::Periodic::Download-Upgradeable-Packages "1"; -APT::Periodic::Unattended-Upgrade "1"; - -Unattended-Upgrade::Mail "root"; - diff --git a/files/squeeze/50unattended-upgrades b/files/squeeze/50unattended-upgrades deleted file mode 100644 index 0901ad3..0000000 --- a/files/squeeze/50unattended-upgrades +++ /dev/null @@ -1,14 +0,0 @@ -// this file is managed by puppet ! - -Unattended-Upgrade::Allowed-Origins { - "${distro_id}:stable"; - "${distro_id}:${distro_codename}-security"; - "${distro_id}:${distro_codename}-updates"; - "${distro_id} Backports:${distro_codename}-backports"; -}; - -APT::Periodic::Update-Package-Lists "1"; -APT::Periodic::Download-Upgradeable-Packages "1"; -APT::Periodic::Unattended-Upgrade "1"; - -Unattended-Upgrade::Mail "root"; diff --git a/manifests/unattended_upgrades.pp b/manifests/unattended_upgrades.pp index c538831..f74fc81 100644 --- a/manifests/unattended_upgrades.pp +++ b/manifests/unattended_upgrades.pp @@ -7,10 +7,10 @@ class apt::unattended_upgrades { apt_conf { '50unattended-upgrades': source => [ - "puppet:///modules/site_apt/${::lsbdistcodename}/50unattended-upgrades", - 'puppet:///modules/site_apt/50unattended-upgrades', - "puppet:///modules/apt/${::lsbdistcodename}/50unattended-upgrades", - 'puppet:///modules/apt/50unattended-upgrades' ], + "puppet:///modules/site_apt/${::lsbdistid}/50unattended-upgrades.${::lsbdistcodename}", + "puppet:///modules/site_apt/${::lsbdistid}/50unattended-upgrades", + "puppet:///modules/apt/${::lsbdistid}/50unattended-upgrades.${::lsbdistcodename}", + "puppet:///modules/apt/${::lsbdistid}/50unattended-upgrades" ], require => Package['unattended-upgrades'], } -- cgit v1.2.3 From 3813bdcce1b77f9acaa7934178b609b9fe950bed Mon Sep 17 00:00:00 2001 From: varac Date: Sun, 14 Apr 2013 15:06:30 +0200 Subject: fix unattended-upgrades dependency cycle --- manifests/unattended_upgrades.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'manifests') diff --git a/manifests/unattended_upgrades.pp b/manifests/unattended_upgrades.pp index a038cab..2f6c2a5 100644 --- a/manifests/unattended_upgrades.pp +++ b/manifests/unattended_upgrades.pp @@ -2,7 +2,7 @@ class apt::unattended_upgrades { package { 'unattended-upgrades': ensure => present, - require => Exec[refresh_apt] + require => undef } apt_conf { '50unattended-upgrades': -- cgit v1.2.3