summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--README20
-rw-r--r--files/50unattended-upgrades2
-rw-r--r--lib/puppet/parser/functions/debian_release_version.rb9
-rw-r--r--manifests/cron/base.pp16
-rw-r--r--manifests/init.pp3
-rw-r--r--manifests/reboot_required_notify.pp20
-rw-r--r--templates/20proxy.erb1
-rw-r--r--templates/Debian/preferences_lenny.erb2
8 files changed, 70 insertions, 3 deletions
diff --git a/README b/README
index 7c747a1..88eef47 100644
--- a/README
+++ b/README
@@ -186,12 +186,24 @@ apt::cron::download
This class sets up cron-apt so that it downloads upgradable packages, does not
actually do any upgrade and emails when the output changes.
+cron-apt defaults to run at 4 AM. You may want to set the
+$apt_cron_hours variable before you include the class: its value will
+be passed as the "hours" parameter of a cronjob. Example:
+
+ # Run cron-apt every three hours
+ $apt_cron_hours = "*/3"
+
+Note that the default 4 AM cronjob won't be disabled.
+
apt::cron::dist-upgrade
-----------------------
This class sets up cron-apt so that it dist-upgrades the system and
emails when upgrades are performed.
+See apt::cron::download above if you need to run cron-apt more often
+than once a day.
+
apt::dselect
------------
@@ -199,6 +211,7 @@ This class, when included, installs dselect and switches it to expert mode to
suppress superfluous help screens.
apt::listchanges
+----------------
This class, when included, installs apt-listchanges and configures it using the
following variables, the defaults are below:
@@ -217,6 +230,13 @@ apt::proxy_client
This class adds the right configuration to apt to make it fetch packages via a
proxy. The variables $apt_proxy and $apt_proxy_port need to be set (see above).
+apt::reboot_required_notify
+---------------------------
+
+This class installs a daily cronjob that checks if a package upgrade
+requires the system to be rebooted; if so, cron sends a notification
+email to root.
+
apt::unattended_upgrades
------------------------
diff --git a/files/50unattended-upgrades b/files/50unattended-upgrades
index d9535bc..fbab858 100644
--- a/files/50unattended-upgrades
+++ b/files/50unattended-upgrades
@@ -22,7 +22,7 @@ Unattended-Upgrade::Package-Blacklist {
"linux-image-*";
- // unfortunately there seems to be a bug in unattended-upgrades <= 0.25.1 that wildcards aren't recognized:
+ // unfortunately there seems to be a bug in unattended-upgrades <= 0.62 that wildcards aren't recognized:
//2009-12-11 13:41:43,267 INFO Initial blacklisted packages: linux-image-*
//2009-12-11 13:41:43,267 INFO Starting unattended upgrades script
//2009-12-11 13:41:43,267 INFO Allowed origins are: ["['Debian', 'stable']", "['Debian-Security', 'stable']"]
diff --git a/lib/puppet/parser/functions/debian_release_version.rb b/lib/puppet/parser/functions/debian_release_version.rb
new file mode 100644
index 0000000..4b135d0
--- /dev/null
+++ b/lib/puppet/parser/functions/debian_release_version.rb
@@ -0,0 +1,9 @@
+module Puppet::Parser::Functions
+ newfunction(:debian_release_version, :type => :rvalue) do |args|
+ case args[0]
+ when 'etch' then '4.0'
+ when 'lenny' then '5.0'
+ else ''
+ end
+ end
+end
diff --git a/manifests/cron/base.pp b/manifests/cron/base.pp
index de55772..7ccfce6 100644
--- a/manifests/cron/base.pp
+++ b/manifests/cron/base.pp
@@ -1,4 +1,20 @@
class apt::cron::base {
package { cron-apt: ensure => installed }
+
+ case $apt_cron_hours {
+ '': {}
+ default: {
+ # cron-apt defaults to run every night at 4 o'clock
+ # so we try not to run at the same time.
+ cron { 'apt_cron_every_N_hours':
+ command => 'test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt',
+ user => root,
+ hour => "${apt_cron_hours}",
+ minute => 10,
+ require => Package['cron-apt'],
+ }
+ }
+ }
+
}
diff --git a/manifests/init.pp b/manifests/init.pp
index 2d46ad4..7fa811d 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -62,7 +62,7 @@ class apt {
include lsb
- # init $release, $next_release, $codename, $next_codename
+ # init $release, $next_release, $codename, $next_codename, $release_version
case $lsbdistcodename {
'': {
$codename = $lsbdistcodename
@@ -73,6 +73,7 @@ class apt {
$release = debian_release($codename)
}
}
+ $release_version = debian_release_version($codename)
$next_codename = debian_nextcodename($codename)
$next_release = debian_nextrelease($release)
diff --git a/manifests/reboot_required_notify.pp b/manifests/reboot_required_notify.pp
new file mode 100644
index 0000000..3c6db79
--- /dev/null
+++ b/manifests/reboot_required_notify.pp
@@ -0,0 +1,20 @@
+class apt::reboot_required_notify {
+
+ # This package installs the script that created /var/run/reboot-required*.
+ # This script (/usr/share/update-notifier/notify-reboot-required) is
+ # triggered e.g. by kernel packages.
+ package { update-notifier-common:
+ ensure => installed,
+ }
+
+ # cron-apt defaults to run every night at 4 o'clock
+ # so we check if a reboot is required a bit later.
+ cron { 'apt_reboot_required_notify':
+ command => 'if [ -f /var/run/reboot-required ]; then echo "Reboot required\n" ; cat /var/run/reboot-required.pkgs ; fi',
+ user => root,
+ hour => 4,
+ minute => 20,
+ require => Package['update-notifier-common'],
+ }
+
+}
diff --git a/templates/20proxy.erb b/templates/20proxy.erb
index 3e1ae5d..fd0c7fe 100644
--- a/templates/20proxy.erb
+++ b/templates/20proxy.erb
@@ -2,3 +2,4 @@
// all local modifications will be overwritten
Acquire::http { Proxy "<%= real_apt_proxy %>:<%= real_apt_proxy_port %>"; };
+Acquire::HTTP::Proxy::bugs.debian.org "DIRECT";
diff --git a/templates/Debian/preferences_lenny.erb b/templates/Debian/preferences_lenny.erb
index be8ecd8..dda2d7a 100644
--- a/templates/Debian/preferences_lenny.erb
+++ b/templates/Debian/preferences_lenny.erb
@@ -1,6 +1,6 @@
Explanation: Debian <%= codename %>
Package: *
-Pin: release o=Debian,a=<%= release %>
+Pin: release o=Debian,a=<%= release %>,v=<%= release_version %>*
Pin-Priority: 990
Explanation: Debian backports