From 2b2950b20e2b171c2798e1265cde62a44382616f Mon Sep 17 00:00:00 2001 From: nadir Date: Thu, 10 Dec 2009 11:00:00 +0100 Subject: added $backports_enabled for including backports repository --- templates/sources.list.backports.erb | 8 ++++++++ templates/sources.list.erb | 6 ------ 2 files changed, 8 insertions(+), 6 deletions(-) create mode 100644 templates/sources.list.backports.erb (limited to 'templates') diff --git a/templates/sources.list.backports.erb b/templates/sources.list.backports.erb new file mode 100644 index 0000000..b62f6d3 --- /dev/null +++ b/templates/sources.list.backports.erb @@ -0,0 +1,8 @@ +# This file is brought to you by puppet + +# backports +<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%> +# There are no backports for for <%= lsbdistcodename %> +<% else -%> +deb http://www.backports.org/debian/ <%= lsbdistcodename %>-backports main +<% end -%> diff --git a/templates/sources.list.erb b/templates/sources.list.erb index 169d7b5..feb5603 100644 --- a/templates/sources.list.erb +++ b/templates/sources.list.erb @@ -9,9 +9,3 @@ deb http://ftp.debian.org/debian/ <%= lsbdistcodename %> main contrib non-free deb http://security.debian.org/ <%= lsbdistcodename %>/updates main contrib non-free <% end -%> -# backports -<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%> -# There are no backports for for <%= lsbdistcodename %> -<% else -%> -deb http://www.backports.org/debian/ <%= lsbdistcodename %>-backports main -<% end -%> -- cgit v1.2.3 From 854f3c10b09b46ef9d9fce5293dd0665b619065e Mon Sep 17 00:00:00 2001 From: root Date: Fri, 11 Dec 2009 17:51:49 +0100 Subject: Added apt::unattended_upgrades class, and extra template for "deb-src" --- README | 25 +++++++++++++++++++--- files/50unattended-upgrades | 43 ++++++++++++++++++++++++++++++++++++++ manifests/init.pp | 33 ++++++++++++++++++++++++++++- templates/sources.list.deb-src.erb | 11 ++++++++++ 4 files changed, 108 insertions(+), 4 deletions(-) create mode 100644 files/50unattended-upgrades create mode 100644 templates/sources.list.deb-src.erb (limited to 'templates') diff --git a/README b/README index 8299c02..72afcfc 100644 --- a/README +++ b/README @@ -72,11 +72,30 @@ apt keyring, you can set this variable to a path in your fileserver where individual key files can be placed. If this is set and keys exist there, this module will apt-key add each key +$backports_enabled +------------------ +If set to true, the debian backports repository is enabled through a +file in /etc/apt/sources.d/. Defaults to false. + +$apt_deb_src_enabled +-------------------- +If set to true, the debian sources repository is enabled through a +file in /etc/apt/sources.d/. Defaults to false. + + Classes ======= - -This module contains only the apt class, which sets up all described -functionality. +apt +--- +Sets up the basic apt package management. + +apt::unattended_upgrades +------------------------ +Sets up the unattended-upgrades package, and configures it mostly through +the file /etc/apt/apt.conf.d/50unattended-upgrades. +Unfortunately there seems to be a bug in unattended-upgrades <= 0.25.1 that +wildcards aren't recognized, so use it with care ! +http://packages.debian.org/de/lenny/unattended-upgrades Resources diff --git a/files/50unattended-upgrades b/files/50unattended-upgrades new file mode 100644 index 0000000..06036bf --- /dev/null +++ b/files/50unattended-upgrades @@ -0,0 +1,43 @@ +// this file is managed by puppet ! +// +//See https://wiki.ubuntu.com/AutomaticUpdates for more details about this feature. + +// allowed (origin, archive) pairs +Unattended-Upgrade::Allowed-Origins { + "Debian stable"; + "Debian-Security stable"; +// "Debian testing"; +}; + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Unattended-Upgrade "1"; +Unattended-Upgrade::Mail "root"; + +APT::UnattendedUpgrades::LogDir "/var/log/"; +APT::UnattendedUpgrades::LogFile "unattended_upgrades.log"; + +Unattended-Upgrade::Package-Blacklist { + // we don't want the kernel to be updated so nagios still can give a warnig if there is + // a manual update (and reboot) left + + "linux-image-*"; + + // unfortunately there seems to be a bug in unattended-upgrades <= 0.25.1 that wildcards aren't recognized: + //2009-12-11 13:41:43,267 INFO Initial blacklisted packages: linux-image-* + //2009-12-11 13:41:43,267 INFO Starting unattended upgrades script + //2009-12-11 13:41:43,267 INFO Allowed origins are: ["['Debian', 'stable']", "['Debian-Security', 'stable']"] + //2009-12-11 13:41:45,233 INFO Packages that are upgraded: linux-image-2.6.26-2-amd64 + //2009-12-11 13:41:45,233 INFO Writing dpkg log to '/var/log/unattended-upgrades-dpkg_2009-12-11_13:41:45.233713.log' + //2009-12-11 13:42:11,988 INFO All upgrades installed + + "linux-image-2.6.18-5-vserver-686"; + "linux-image-2.6.18-5-xen-vserver-686"; + "linux-image-2.6.18-6-vserver-686"; + "linux-image-2.6.18-6-xen-vserver-686"; + "linux-image-2.6.24.3"; + "linux-image-2.6.26-1-686"; + "linux-image-2.6.26-2-xen-amd64"; + "linux-image-2.6.26-2-xen-686"; + "linux-image-2.6.26-2-amd64"; +}; + diff --git a/manifests/init.pp b/manifests/init.pp index 1af6e1f..07b6c2b 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -3,6 +3,7 @@ # Copyright (C) 2007 David Schmitt # See LICENSE for the full license granted to you. + class apt { # See README @@ -15,6 +16,11 @@ class apt { '' => 'false', default => $backports_enabled, } + + $apt_deb_src_enabled = $apt_deb_src_enabled ? { + 'true' => 'true', + default => $apt_deb_src_enabled, + } package { apt: ensure => installed } @@ -150,7 +156,17 @@ class apt { default: { } } - + case $apt_deb_src_enabled { + 'true': { + config_file { + # deb-src + "/etc/apt/sources.list.d/debian-sources.list": + content => template("apt/sources.list.deb-src.erb"), + require => Exec[assert_lsbdistcodename]; + } + } + default: {} + } case $custom_key_dir { '': { @@ -226,3 +242,18 @@ class dselect { package { dselect: ensure => installed } } + + +class apt::unattended_upgrades { + case $operatingsystem { + debian,ubuntu: { + package { unattended-upgrades : ensure => latest; } + file { "/etc/apt/apt.conf.d/50unattended-upgrades": + source => "puppet://$server/modules/apt/50unattended-upgrades" } + } + + default: { notice "unknown operatingsystem: $operatingsystem for class apt::unattended_upgrades" } + } + +} + diff --git a/templates/sources.list.deb-src.erb b/templates/sources.list.deb-src.erb new file mode 100644 index 0000000..6811eca --- /dev/null +++ b/templates/sources.list.deb-src.erb @@ -0,0 +1,11 @@ +# This file is brought to you by puppet + +# basic <%= lsbdistcodename %> +deb-src http://ftp.debian.org/debian/ <%= lsbdistcodename %> main contrib non-free +# security suppport +<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%> +# There is no security mirror for <%= lsbdistcodename %> +<% else -%> +deb-src http://security.debian.org/ <%= lsbdistcodename %>/updates main contrib non-free +<% end -%> + -- cgit v1.2.3 From 0c86627838c5cafbc4f6c5ecfaf389a90e0dcc20 Mon Sep 17 00:00:00 2001 From: nadir Date: Sun, 13 Dec 2009 15:14:39 +0100 Subject: added $apt_volatile_enabled, updated README --- README | 7 ++++++- manifests/init.pp | 17 ++++++++++++++++- templates/sources.list.volatile.erb | 7 +++++++ 3 files changed, 29 insertions(+), 2 deletions(-) create mode 100644 templates/sources.list.volatile.erb (limited to 'templates') diff --git a/README b/README index 72afcfc..60c16a0 100644 --- a/README +++ b/README @@ -75,13 +75,18 @@ exist there, this module will apt-key add each key $backports_enabled ------------------ If set to true, the debian backports repository is enabled through a -file in /etc/apt/sources.d/. Defaults to false. +file in /etc/apt/sources.d/. Defaults to true. $apt_deb_src_enabled -------------------- If set to true, the debian sources repository is enabled through a file in /etc/apt/sources.d/. Defaults to false. +$apt_volatile_enabled +-------------------- +If set to true, the debiani volatile repository is enabled through a +file in /etc/apt/sources.d/. Defaults to false. + Classes ======= diff --git a/manifests/init.pp b/manifests/init.pp index 11f627b..4606a94 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -21,6 +21,11 @@ class apt { 'true' => 'true', default => $apt_deb_src_enabled, } + + $apt_volatile_enabled = $apt_volatile_enabled ? { + 'true' => 'true', + default => $apt_volatile_enabled, + } package { apt: ensure => installed } @@ -159,7 +164,6 @@ class apt { case $apt_deb_src_enabled { 'true': { config_file { - # deb-src "/etc/apt/sources.list.d/debian-sources.list": content => template("apt/sources.list.deb-src.erb"), require => Exec[assert_lsbdistcodename]; @@ -168,6 +172,17 @@ class apt { default: {} } + case $apt_volatile_enabled { + 'true': { + config_file { + "/etc/apt/sources.list.d/debian-volatile.list": + content => template("apt/sources.list.volatile.erb"), + require => Exec[assert_lsbdistcodename]; + } + } + default: {} + } + case $custom_key_dir { '': { exec { "/bin/true # no_custom_keydir": } diff --git a/templates/sources.list.volatile.erb b/templates/sources.list.volatile.erb new file mode 100644 index 0000000..06d6590 --- /dev/null +++ b/templates/sources.list.volatile.erb @@ -0,0 +1,7 @@ +# This file is brought to you by puppet + +<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable" || lsbdistcodename == "squeeze") -%> +# There are no backports for for <%= lsbdistcodename %> +<% else -%> +deb http://volatile.debian.org/debian-volatile <%= lsbdistcodename %>/volatile main contrib non-free +<% end -%> -- cgit v1.2.3 From 5972a3556617b4a9acfb0046ee44164bf9b2f517 Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 17 Dec 2009 15:53:27 +0100 Subject: Increased Ubuntu support --- manifests/init.pp | 14 +++++++------- templates/Debian/sources.list.backports.erb | 8 ++++++++ templates/Debian/sources.list.deb-src.erb | 11 +++++++++++ templates/Debian/sources.list.erb | 11 +++++++++++ templates/Debian/sources.list.volatile.erb | 7 +++++++ templates/Ubuntu/sources.list.backports.erb | 4 ++++ templates/Ubuntu/sources.list.deb-src.erb | 12 ++++++++++++ templates/Ubuntu/sources.list.erb | 12 ++++++++++++ templates/sources.list.backports.erb | 8 -------- templates/sources.list.deb-src.erb | 11 ----------- templates/sources.list.erb | 11 ----------- templates/sources.list.volatile.erb | 7 ------- 12 files changed, 72 insertions(+), 44 deletions(-) create mode 100644 templates/Debian/sources.list.backports.erb create mode 100644 templates/Debian/sources.list.deb-src.erb create mode 100644 templates/Debian/sources.list.erb create mode 100644 templates/Debian/sources.list.volatile.erb create mode 100644 templates/Ubuntu/sources.list.backports.erb create mode 100644 templates/Ubuntu/sources.list.deb-src.erb create mode 100644 templates/Ubuntu/sources.list.erb delete mode 100644 templates/sources.list.backports.erb delete mode 100644 templates/sources.list.deb-src.erb delete mode 100644 templates/sources.list.erb delete mode 100644 templates/sources.list.volatile.erb (limited to 'templates') diff --git a/manifests/init.pp b/manifests/init.pp index 4606a94..e459bd8 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -49,7 +49,7 @@ class apt { # include main, security and backports # additional sources could be included via an array "/etc/apt/sources.list": - content => template("apt/sources.list.erb"), + content => template("apt/${operatingsystem}/sources.list.erb"), require => Exec[assert_lsbdistcodename]; } } @@ -111,8 +111,8 @@ class apt { 'true': { config_file { # backports - "/etc/apt/sources.list.d/debian-backports.list": - content => template("apt/sources.list.backports.erb"), + "/etc/apt/sources.list.d/${operatingsystem}-backports.list": + content => template("apt/${operatingsystem}/sources.list.backports.erb"), require => Exec[assert_lsbdistcodename]; } @@ -164,8 +164,8 @@ class apt { case $apt_deb_src_enabled { 'true': { config_file { - "/etc/apt/sources.list.d/debian-sources.list": - content => template("apt/sources.list.deb-src.erb"), + "/etc/apt/sources.list.d/${operatingsystem}-sources.list": + content => template("apt/${operatingsystem}/sources.list.deb-src.erb"), require => Exec[assert_lsbdistcodename]; } } @@ -175,8 +175,8 @@ class apt { case $apt_volatile_enabled { 'true': { config_file { - "/etc/apt/sources.list.d/debian-volatile.list": - content => template("apt/sources.list.volatile.erb"), + "/etc/apt/sources.list.d/${operatingsystem}-volatile.list": + content => template("apt/${operatingsystem}/sources.list.volatile.erb"), require => Exec[assert_lsbdistcodename]; } } diff --git a/templates/Debian/sources.list.backports.erb b/templates/Debian/sources.list.backports.erb new file mode 100644 index 0000000..b62f6d3 --- /dev/null +++ b/templates/Debian/sources.list.backports.erb @@ -0,0 +1,8 @@ +# This file is brought to you by puppet + +# backports +<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%> +# There are no backports for for <%= lsbdistcodename %> +<% else -%> +deb http://www.backports.org/debian/ <%= lsbdistcodename %>-backports main +<% end -%> diff --git a/templates/Debian/sources.list.deb-src.erb b/templates/Debian/sources.list.deb-src.erb new file mode 100644 index 0000000..6811eca --- /dev/null +++ b/templates/Debian/sources.list.deb-src.erb @@ -0,0 +1,11 @@ +# This file is brought to you by puppet + +# basic <%= lsbdistcodename %> +deb-src http://ftp.debian.org/debian/ <%= lsbdistcodename %> main contrib non-free +# security suppport +<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%> +# There is no security mirror for <%= lsbdistcodename %> +<% else -%> +deb-src http://security.debian.org/ <%= lsbdistcodename %>/updates main contrib non-free +<% end -%> + diff --git a/templates/Debian/sources.list.erb b/templates/Debian/sources.list.erb new file mode 100644 index 0000000..feb5603 --- /dev/null +++ b/templates/Debian/sources.list.erb @@ -0,0 +1,11 @@ +# This file is brought to you by puppet + +# basic <%= lsbdistcodename %> +deb http://ftp.debian.org/debian/ <%= lsbdistcodename %> main contrib non-free +# security suppport +<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%> +# There is no security mirror for <%= lsbdistcodename %> +<% else -%> +deb http://security.debian.org/ <%= lsbdistcodename %>/updates main contrib non-free +<% end -%> + diff --git a/templates/Debian/sources.list.volatile.erb b/templates/Debian/sources.list.volatile.erb new file mode 100644 index 0000000..06d6590 --- /dev/null +++ b/templates/Debian/sources.list.volatile.erb @@ -0,0 +1,7 @@ +# This file is brought to you by puppet + +<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable" || lsbdistcodename == "squeeze") -%> +# There are no backports for for <%= lsbdistcodename %> +<% else -%> +deb http://volatile.debian.org/debian-volatile <%= lsbdistcodename %>/volatile main contrib non-free +<% end -%> diff --git a/templates/Ubuntu/sources.list.backports.erb b/templates/Ubuntu/sources.list.backports.erb new file mode 100644 index 0000000..66610a6 --- /dev/null +++ b/templates/Ubuntu/sources.list.backports.erb @@ -0,0 +1,4 @@ +# This file is brought to you by puppet + +# backports +deb http://archive.ubuntu.com/ubuntu <%= lsbdistcodename %>-backports main universe multiverse restricted diff --git a/templates/Ubuntu/sources.list.deb-src.erb b/templates/Ubuntu/sources.list.deb-src.erb new file mode 100644 index 0000000..f04de67 --- /dev/null +++ b/templates/Ubuntu/sources.list.deb-src.erb @@ -0,0 +1,12 @@ +# This file is brought to you by puppet + +# basic <%= lsbdistcodename %> +deb-src http://de.archive.ubuntu.com/ubuntu <%= lsbdistcodename %> main restricted universe multiverse + +# updates +deb-src http://de.archive.ubuntu.com/ubuntu <%= lsbdistcodename %>-updates main restricted universe multiverse + +# security suppport +deb-src http://de.archive.ubuntu.com/ubuntu <%= lsbdistcodename %>-security main restricted universe multiverse + + diff --git a/templates/Ubuntu/sources.list.erb b/templates/Ubuntu/sources.list.erb new file mode 100644 index 0000000..dfecd63 --- /dev/null +++ b/templates/Ubuntu/sources.list.erb @@ -0,0 +1,12 @@ +# This file is brought to you by puppet + +# basic <%= lsbdistcodename %> +deb http://de.archive.ubuntu.com/ubuntu <%= lsbdistcodename %> main restricted universe multiverse + +# updates +deb http://de.archive.ubuntu.com/ubuntu <%= lsbdistcodename %>-updates main restricted universe multiverse + +# security suppport +deb http://de.archive.ubuntu.com/ubuntu <%= lsbdistcodename %>-security main restricted universe multiverse + + diff --git a/templates/sources.list.backports.erb b/templates/sources.list.backports.erb deleted file mode 100644 index b62f6d3..0000000 --- a/templates/sources.list.backports.erb +++ /dev/null @@ -1,8 +0,0 @@ -# This file is brought to you by puppet - -# backports -<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%> -# There are no backports for for <%= lsbdistcodename %> -<% else -%> -deb http://www.backports.org/debian/ <%= lsbdistcodename %>-backports main -<% end -%> diff --git a/templates/sources.list.deb-src.erb b/templates/sources.list.deb-src.erb deleted file mode 100644 index 6811eca..0000000 --- a/templates/sources.list.deb-src.erb +++ /dev/null @@ -1,11 +0,0 @@ -# This file is brought to you by puppet - -# basic <%= lsbdistcodename %> -deb-src http://ftp.debian.org/debian/ <%= lsbdistcodename %> main contrib non-free -# security suppport -<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%> -# There is no security mirror for <%= lsbdistcodename %> -<% else -%> -deb-src http://security.debian.org/ <%= lsbdistcodename %>/updates main contrib non-free -<% end -%> - diff --git a/templates/sources.list.erb b/templates/sources.list.erb deleted file mode 100644 index feb5603..0000000 --- a/templates/sources.list.erb +++ /dev/null @@ -1,11 +0,0 @@ -# This file is brought to you by puppet - -# basic <%= lsbdistcodename %> -deb http://ftp.debian.org/debian/ <%= lsbdistcodename %> main contrib non-free -# security suppport -<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%> -# There is no security mirror for <%= lsbdistcodename %> -<% else -%> -deb http://security.debian.org/ <%= lsbdistcodename %>/updates main contrib non-free -<% end -%> - diff --git a/templates/sources.list.volatile.erb b/templates/sources.list.volatile.erb deleted file mode 100644 index 06d6590..0000000 --- a/templates/sources.list.volatile.erb +++ /dev/null @@ -1,7 +0,0 @@ -# This file is brought to you by puppet - -<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable" || lsbdistcodename == "squeeze") -%> -# There are no backports for for <%= lsbdistcodename %> -<% else -%> -deb http://volatile.debian.org/debian-volatile <%= lsbdistcodename %>/volatile main contrib non-free -<% end -%> -- cgit v1.2.3 From db06babc5d095292c11445b9e76dd133943b7840 Mon Sep 17 00:00:00 2001 From: nadir Date: Sat, 9 Oct 2010 13:42:26 +0200 Subject: removed backports template in favor of main sources.list --- templates/Debian/sources.list.backports.erb | 8 -------- templates/Debian/sources.list.erb | 6 ++++++ 2 files changed, 6 insertions(+), 8 deletions(-) delete mode 100644 templates/Debian/sources.list.backports.erb (limited to 'templates') diff --git a/templates/Debian/sources.list.backports.erb b/templates/Debian/sources.list.backports.erb deleted file mode 100644 index b62f6d3..0000000 --- a/templates/Debian/sources.list.backports.erb +++ /dev/null @@ -1,8 +0,0 @@ -# This file is brought to you by puppet - -# backports -<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%> -# There are no backports for for <%= lsbdistcodename %> -<% else -%> -deb http://www.backports.org/debian/ <%= lsbdistcodename %>-backports main -<% end -%> diff --git a/templates/Debian/sources.list.erb b/templates/Debian/sources.list.erb index feb5603..169d7b5 100644 --- a/templates/Debian/sources.list.erb +++ b/templates/Debian/sources.list.erb @@ -9,3 +9,9 @@ deb http://ftp.debian.org/debian/ <%= lsbdistcodename %> main contrib non-free deb http://security.debian.org/ <%= lsbdistcodename %>/updates main contrib non-free <% end -%> +# backports +<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%> +# There are no backports for for <%= lsbdistcodename %> +<% else -%> +deb http://www.backports.org/debian/ <%= lsbdistcodename %>-backports main +<% end -%> -- cgit v1.2.3