diff options
| -rw-r--r-- | README | 20 | ||||
| -rw-r--r-- | files/50unattended-upgrades | 2 | ||||
| -rw-r--r-- | lib/puppet/parser/functions/debian_release_version.rb | 9 | ||||
| -rw-r--r-- | manifests/cron/base.pp | 16 | ||||
| -rw-r--r-- | manifests/init.pp | 3 | ||||
| -rw-r--r-- | manifests/reboot_required_notify.pp | 20 | ||||
| -rw-r--r-- | templates/20proxy.erb | 1 | ||||
| -rw-r--r-- | templates/Debian/preferences_lenny.erb | 2 |
8 files changed, 70 insertions, 3 deletions
@@ -186,12 +186,24 @@ apt::cron::download This class sets up cron-apt so that it downloads upgradable packages, does not actually do any upgrade and emails when the output changes. +cron-apt defaults to run at 4 AM. You may want to set the +$apt_cron_hours variable before you include the class: its value will +be passed as the "hours" parameter of a cronjob. Example: + + # Run cron-apt every three hours + $apt_cron_hours = "*/3" + +Note that the default 4 AM cronjob won't be disabled. + apt::cron::dist-upgrade ----------------------- This class sets up cron-apt so that it dist-upgrades the system and emails when upgrades are performed. +See apt::cron::download above if you need to run cron-apt more often +than once a day. + apt::dselect ------------ @@ -199,6 +211,7 @@ This class, when included, installs dselect and switches it to expert mode to suppress superfluous help screens. apt::listchanges +---------------- This class, when included, installs apt-listchanges and configures it using the following variables, the defaults are below: @@ -217,6 +230,13 @@ apt::proxy_client This class adds the right configuration to apt to make it fetch packages via a proxy. The variables $apt_proxy and $apt_proxy_port need to be set (see above). +apt::reboot_required_notify +--------------------------- + +This class installs a daily cronjob that checks if a package upgrade +requires the system to be rebooted; if so, cron sends a notification +email to root. + apt::unattended_upgrades ------------------------ diff --git a/files/50unattended-upgrades b/files/50unattended-upgrades index d9535bc..fbab858 100644 --- a/files/50unattended-upgrades +++ b/files/50unattended-upgrades @@ -22,7 +22,7 @@ Unattended-Upgrade::Package-Blacklist { "linux-image-*"; - // unfortunately there seems to be a bug in unattended-upgrades <= 0.25.1 that wildcards aren't recognized: + // unfortunately there seems to be a bug in unattended-upgrades <= 0.62 that wildcards aren't recognized: //2009-12-11 13:41:43,267 INFO Initial blacklisted packages: linux-image-* //2009-12-11 13:41:43,267 INFO Starting unattended upgrades script //2009-12-11 13:41:43,267 INFO Allowed origins are: ["['Debian', 'stable']", "['Debian-Security', 'stable']"] diff --git a/lib/puppet/parser/functions/debian_release_version.rb b/lib/puppet/parser/functions/debian_release_version.rb new file mode 100644 index 0000000..4b135d0 --- /dev/null +++ b/lib/puppet/parser/functions/debian_release_version.rb @@ -0,0 +1,9 @@ +module Puppet::Parser::Functions + newfunction(:debian_release_version, :type => :rvalue) do |args| + case args[0] + when 'etch' then '4.0' + when 'lenny' then '5.0' + else '' + end + end +end diff --git a/manifests/cron/base.pp b/manifests/cron/base.pp index de55772..7ccfce6 100644 --- a/manifests/cron/base.pp +++ b/manifests/cron/base.pp @@ -1,4 +1,20 @@ class apt::cron::base { package { cron-apt: ensure => installed } + + case $apt_cron_hours { + '': {} + default: { + # cron-apt defaults to run every night at 4 o'clock + # so we try not to run at the same time. + cron { 'apt_cron_every_N_hours': + command => 'test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt', + user => root, + hour => "${apt_cron_hours}", + minute => 10, + require => Package['cron-apt'], + } + } + } + } diff --git a/manifests/init.pp b/manifests/init.pp index 2d46ad4..7fa811d 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -62,7 +62,7 @@ class apt { include lsb - # init $release, $next_release, $codename, $next_codename + # init $release, $next_release, $codename, $next_codename, $release_version case $lsbdistcodename { '': { $codename = $lsbdistcodename @@ -73,6 +73,7 @@ class apt { $release = debian_release($codename) } } + $release_version = debian_release_version($codename) $next_codename = debian_nextcodename($codename) $next_release = debian_nextrelease($release) diff --git a/manifests/reboot_required_notify.pp b/manifests/reboot_required_notify.pp new file mode 100644 index 0000000..3c6db79 --- /dev/null +++ b/manifests/reboot_required_notify.pp @@ -0,0 +1,20 @@ +class apt::reboot_required_notify { + + # This package installs the script that created /var/run/reboot-required*. + # This script (/usr/share/update-notifier/notify-reboot-required) is + # triggered e.g. by kernel packages. + package { update-notifier-common: + ensure => installed, + } + + # cron-apt defaults to run every night at 4 o'clock + # so we check if a reboot is required a bit later. + cron { 'apt_reboot_required_notify': + command => 'if [ -f /var/run/reboot-required ]; then echo "Reboot required\n" ; cat /var/run/reboot-required.pkgs ; fi', + user => root, + hour => 4, + minute => 20, + require => Package['update-notifier-common'], + } + +} diff --git a/templates/20proxy.erb b/templates/20proxy.erb index 3e1ae5d..fd0c7fe 100644 --- a/templates/20proxy.erb +++ b/templates/20proxy.erb @@ -2,3 +2,4 @@ // all local modifications will be overwritten Acquire::http { Proxy "<%= real_apt_proxy %>:<%= real_apt_proxy_port %>"; }; +Acquire::HTTP::Proxy::bugs.debian.org "DIRECT"; diff --git a/templates/Debian/preferences_lenny.erb b/templates/Debian/preferences_lenny.erb index be8ecd8..dda2d7a 100644 --- a/templates/Debian/preferences_lenny.erb +++ b/templates/Debian/preferences_lenny.erb @@ -1,6 +1,6 @@ Explanation: Debian <%= codename %> Package: * -Pin: release o=Debian,a=<%= release %> +Pin: release o=Debian,a=<%= release %>,v=<%= release_version %>* Pin-Priority: 990 Explanation: Debian backports |