summaryrefslogtreecommitdiff
path: root/puppet/modules/site_apt
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/modules/site_apt')
-rw-r--r--puppet/modules/site_apt/manifests/init.pp21
-rw-r--r--puppet/modules/site_apt/manifests/unattended_upgrades.pp9
-rw-r--r--puppet/modules/site_apt/templates/50unattended-upgrades (renamed from puppet/modules/site_apt/files/Debian/50unattended-upgrades)2
3 files changed, 24 insertions, 8 deletions
diff --git a/puppet/modules/site_apt/manifests/init.pp b/puppet/modules/site_apt/manifests/init.pp
index 633ccf1e..cf49f870 100644
--- a/puppet/modules/site_apt/manifests/init.pp
+++ b/puppet/modules/site_apt/manifests/init.pp
@@ -1,7 +1,17 @@
+# setup apt on all nodes
class site_apt {
+ $sources = hiera('sources')
+ $apt_config = $sources['apt']
+ $apt_url_basic = $apt_config['basic']
+ $apt_url_security = $apt_config['security']
+ $apt_url_backports = $apt_config['backports']
+
class { 'apt':
- custom_key_dir => 'puppet:///modules/site_apt/keys'
+ custom_key_dir => 'puppet:///modules/site_apt/keys',
+ debian_url => $apt_url_basic,
+ security_url => $apt_url_security,
+ backports_url => $apt_url_backports
}
# enable http://deb.leap.se debian package repository
@@ -22,12 +32,19 @@ class site_apt {
priority => 999
}
+ apt::preferences_snippet { 'leap':
+ priority => 999,
+ package => '*',
+ pin => 'origin "deb.leap.se"'
+ }
+
# All packages should be installed _after_ refresh_apt is called,
# which does an apt-get update.
# There is one exception:
# The creation of sources.list depends on the lsb package
File['/etc/apt/preferences'] ->
+ Apt::Preferences_snippet <| |> ->
Exec['refresh_apt'] ->
- Package <| ( title != 'lsb' ) |>
+ Package <| ( title != 'lsb' ) |>
}
diff --git a/puppet/modules/site_apt/manifests/unattended_upgrades.pp b/puppet/modules/site_apt/manifests/unattended_upgrades.pp
index daebffab..40111deb 100644
--- a/puppet/modules/site_apt/manifests/unattended_upgrades.pp
+++ b/puppet/modules/site_apt/manifests/unattended_upgrades.pp
@@ -1,10 +1,9 @@
-class site_apt::unattended_upgrades inherits apt::unattended_upgrades {
+class site_apt::unattended_upgrades {
# override unattended-upgrades package resource to make sure
# that it is upgraded on every deploy (#6245)
- include ::apt::unattended_upgrades
-
- Package['unattended-upgrades'] {
- ensure => latest
+ class { 'apt::unattended_upgrades':
+ config_content => template('site_apt/50unattended-upgrades'),
+ ensure_version => latest
}
}
diff --git a/puppet/modules/site_apt/files/Debian/50unattended-upgrades b/puppet/modules/site_apt/templates/50unattended-upgrades
index f2f574fc..9ae3ab84 100644
--- a/puppet/modules/site_apt/files/Debian/50unattended-upgrades
+++ b/puppet/modules/site_apt/templates/50unattended-upgrades
@@ -1,7 +1,7 @@
// this file is managed by puppet !
Unattended-Upgrade::Allowed-Origins {
- "${distro_id}:stable";
+ "${distro_id}:oldstable";
"${distro_id}:${distro_codename}-security";
"${distro_id}:${distro_codename}-updates";
"${distro_id} Backports:${distro_codename}-backports";