diff options
Diffstat (limited to 'puppet/modules/site_apt')
-rw-r--r-- | puppet/modules/site_apt/manifests/init.pp | 21 | ||||
-rw-r--r-- | puppet/modules/site_apt/manifests/unattended_upgrades.pp | 9 | ||||
-rw-r--r-- | puppet/modules/site_apt/templates/50unattended-upgrades (renamed from puppet/modules/site_apt/files/Debian/50unattended-upgrades) | 2 |
3 files changed, 24 insertions, 8 deletions
diff --git a/puppet/modules/site_apt/manifests/init.pp b/puppet/modules/site_apt/manifests/init.pp index 633ccf1e..cf49f870 100644 --- a/puppet/modules/site_apt/manifests/init.pp +++ b/puppet/modules/site_apt/manifests/init.pp @@ -1,7 +1,17 @@ +# setup apt on all nodes class site_apt { + $sources = hiera('sources') + $apt_config = $sources['apt'] + $apt_url_basic = $apt_config['basic'] + $apt_url_security = $apt_config['security'] + $apt_url_backports = $apt_config['backports'] + class { 'apt': - custom_key_dir => 'puppet:///modules/site_apt/keys' + custom_key_dir => 'puppet:///modules/site_apt/keys', + debian_url => $apt_url_basic, + security_url => $apt_url_security, + backports_url => $apt_url_backports } # enable http://deb.leap.se debian package repository @@ -22,12 +32,19 @@ class site_apt { priority => 999 } + apt::preferences_snippet { 'leap': + priority => 999, + package => '*', + pin => 'origin "deb.leap.se"' + } + # All packages should be installed _after_ refresh_apt is called, # which does an apt-get update. # There is one exception: # The creation of sources.list depends on the lsb package File['/etc/apt/preferences'] -> + Apt::Preferences_snippet <| |> -> Exec['refresh_apt'] -> - Package <| ( title != 'lsb' ) |> + Package <| ( title != 'lsb' ) |> } diff --git a/puppet/modules/site_apt/manifests/unattended_upgrades.pp b/puppet/modules/site_apt/manifests/unattended_upgrades.pp index daebffab..40111deb 100644 --- a/puppet/modules/site_apt/manifests/unattended_upgrades.pp +++ b/puppet/modules/site_apt/manifests/unattended_upgrades.pp @@ -1,10 +1,9 @@ -class site_apt::unattended_upgrades inherits apt::unattended_upgrades { +class site_apt::unattended_upgrades { # override unattended-upgrades package resource to make sure # that it is upgraded on every deploy (#6245) - include ::apt::unattended_upgrades - - Package['unattended-upgrades'] { - ensure => latest + class { 'apt::unattended_upgrades': + config_content => template('site_apt/50unattended-upgrades'), + ensure_version => latest } } diff --git a/puppet/modules/site_apt/files/Debian/50unattended-upgrades b/puppet/modules/site_apt/templates/50unattended-upgrades index f2f574fc..9ae3ab84 100644 --- a/puppet/modules/site_apt/files/Debian/50unattended-upgrades +++ b/puppet/modules/site_apt/templates/50unattended-upgrades @@ -1,7 +1,7 @@ // this file is managed by puppet ! Unattended-Upgrade::Allowed-Origins { - "${distro_id}:stable"; + "${distro_id}:oldstable"; "${distro_id}:${distro_codename}-security"; "${distro_id}:${distro_codename}-updates"; "${distro_id} Backports:${distro_codename}-backports"; |