1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
|
class nodo::subsystem::apt(
$ensure = present,
$auto_upgrade = present,
$upgrade_handler = 'apt',
$hour = 2,
$minute = 0,
$mirror = 'https://deb.debian.org',
$contrib = 'enabled',
$non_free = 'enabled',
$non_free_firmware = $::lsbdistcodename ? {
'wheezy' => 'disabled',
'buster' => 'disabled',
'bullseye' => 'disabled',
default => 'enabled',
}
) {
package { 'apt-transport-https':
ensure => installed,
}
# See https://www.cyberciti.biz/faq/howto-use-apt-get-with-ipv6-or-ipv4-transport-on-ubuntu-debian/
# https://unix.stackexchange.com/questions/370750/wget-uses-ipv6-address-and-takes-too-long-to-complete
file { '/etc/apt/apt.conf.d/1000-force-ipv4-transport':
ensure => absent,
owner => root,
group => root,
mode => '0644',
content => "Acquire::ForceIPv4 \"true\";\n",
}
$contrib_component = $contrib ? {
'enabled' => ' contrib',
default => '',
}
$non_free_component = $non_free ? {
'enabled' => ' non-free',
default => '',
}
$non_free_firmware_component = $non_free_firmware ? {
'enabled' => ' non-free-firmware',
default => '',
}
file { '/etc/apt/sources.list':
ensure => present,
owner => root,
group => root,
mode => '0644',
notify => Exec['nodo-apt-auto-update'],
require => [ File['/etc/apt/apt.conf.d/1000-force-ipv4-transport'], Package['apt-transport-https'] ],
content => $ensure ? {
'present' => template("nodo/apt/${::operatingsystem}.sources.list.erb"),
default => undef,
},
}
# We have /var/log/dpkg.log, so we do not need to rotate /var/log/upgrade.log
$log = ">> /var/log/upgrade.log 2>&1"
$apt = '/usr/bin/apt-get'
if $upgrade_handler == 'apt' {
$command = "${apt} update ${log} && ${apt} dist-upgrade -y ${log} && ${apt} autoremove -y ${log} && ${apt} clean ${log}"
}
elsif $upgrade_handler == 'hydra' {
$command = "hydractl upgrade clean ${log}"
}
exec { 'nodo-apt-auto-update':
command => "${apt} update ${log}",
user => "root",
refreshonly => true,
}
cron { 'nodo-apt-auto-upgrade':
ensure => $auto_upgrade,
command => $command,
environment => [ 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', 'DEBIAN_FRONTEND=noninteractive' ],
user => 'root',
hour => $hour,
minute => $minute,
}
}
|
