1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
# apt.pp - common components and defaults for handling apt
# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
# See LICENSE for the full license granted to you.
#
# With hints from
# Micah Anderson <micah@riseup.net>
# * backports key
class apt {
# See README
$real_apt_clean = $apt_clean ? {
'' => 'auto',
default => $apt_clean,
}
package { [ 'lsb-release', 'apt' ]: ensure => installed }
# a few templates need lsbdistcodename
include assert_lsbdistcodename
case $custom_sources_list {
'': {
include default_sources_list
}
default: {
config_file { "/etc/apt/sources.list":
content => $custom_sources_list,
require => Exec[assert_lsbdistcodename],
}
}
}
class default_sources_list {
config_file {
# include main, security and backports
# additional sources could be included via an array
"/etc/apt/sources.list":
content => template("apt/sources.list.erb"),
require => Exec[assert_lsbdistcodename];
}
}
config_file {
# this just pins unstable and testing to very low values
"/etc/apt/preferences":
source => "puppet://$servername/apt/preferences",
# use File[apt_config] to reference a completed configuration
# See "The Puppet Semaphor" 2007-06-25 on the puppet-users ML
alias => apt_config,
# only update together
require => File["/etc/apt/sources.list"];
# little default settings which keep the system sane
"/etc/apt/apt.conf.d/from_puppet":
content => "APT::Get::Show-Upgraded true;\nDSelect::Clean $real_apt_clean;\nAPT::Cache-Limit 22582912;\n",
before => File[apt_config];
}
$apt_base_dir = "/var/lib/puppet/modules/apt"
modules_dir { apt: }
# watch apt.conf.d
file { "/etc/apt/apt.conf.d": ensure => directory, checksum => mtime; }
exec {
# "&& sleep 1" is workaround for older(?) clients
"/usr/bin/apt-get update #on refresh":
refreshonly => true,
subscribe => [ File["/etc/apt/sources.list"],
File["/etc/apt/preferences"], File["/etc/apt/apt.conf.d"],
File[apt_config] ];
"/usr/bin/apt-get update && /usr/bin/apt-get autoclean #hourly":
require => [ File["/etc/apt/sources.list"],
File["/etc/apt/preferences"], File[apt_config] ],
# Another Semaphor for all packages to reference
alias => apt_updated;
}
case $lsbdistcodename {
etch: {
## This package should really always be current
package { "debian-archive-keyring": ensure => latest, }
}
}
}
class apt::backports inherits apt {
$custom_sources_list = template("apt/sources.list+backports.erb")
case $lsbdistcodename {
etch: {
package { "debian-backports-keyring": ensure => latest, }
# This key was downloaded from
# http://backports.org/debian/archive.key
# and is needed to bootstrap the backports trustpath
file { "${apt_base_dir}/backports.org.key":
source => "puppet://$servername/apt/backports.org.key",
mode => 0444, owner => root, group => root,
}
exec { "/usr/bin/apt-key add ${apt_base_dir}/backports.org.key && apt-get update":
alias => "backports_key",
refreshonly => true,
subscribe => File["${apt_base_dir}/backports.org.key"],
before => [ File[apt_config], Package["debian-backports-keyring"] ]
}
}
}
}
class dselect {
# suppress annoying help texts of dselect
line { dselect_expert:
file => "/etc/dpkg/dselect.cfg",
line => "expert",
ensure => present,
}
package { dselect: ensure => installed }
}
|