diff options
-rw-r--r-- | README.md | 56 | ||||
-rw-r--r-- | manifests/config.pp | 1 | ||||
-rw-r--r-- | manifests/dpkg_statoverride.pp | 75 | ||||
-rw-r--r-- | manifests/init.pp | 10 | ||||
-rw-r--r-- | manifests/params.pp | 23 | ||||
-rw-r--r-- | manifests/preferences.pp | 117 | ||||
-rw-r--r-- | manifests/preferences/absent.pp | 7 | ||||
-rw-r--r-- | manifests/preferences_snippet.pp | 3 | ||||
-rw-r--r-- | templates/Debian/fallback.erb | 7 | ||||
-rw-r--r-- | templates/Debian/lts.erb | 7 | ||||
-rw-r--r-- | templates/Debian/nextcodename.erb | 7 | ||||
-rw-r--r-- | templates/Debian/stable.erb | 7 | ||||
-rw-r--r-- | templates/Debian/volatile.erb | 7 |
13 files changed, 268 insertions, 59 deletions
@@ -24,7 +24,8 @@ * [apt::key](#apt-key) * [`apt::key::plain`](#apt-key-plain) * [apt::upgrade_package](#apt-upgrade_package) -* [Resources](#ressources) + * [apt::dpkg_statoverride](#apt-dpkg_statoverride) +* [Resources](#resources) * [File\['apt_config'\]](#fileapt_config) * [Exec\['apt_updated'\]](#execapt_updated) * [Tests](#tests) @@ -256,25 +257,19 @@ Example usage: If this variable is set the default repositories list ("main contrib non-free") is overriden. -### custom_preferences +### manage_preferences - For historical reasons (Debian Lenny's version of APT did not support the use - of the `preferences.d` directory for putting fragments of 'preferences'), this - module will manage a default generic apt/preferences file with more - recent releases pinned to very low values so that any package - installation will not accidentally pull in packages from those suites - unless you explicitly specify the version number. This file will be - complemented with all of the preferences_snippet calls (see below). + Setting this variable to `false` will delete all the files in `preferences.d` + managed by Puppet. By default, this parameter is set to `true`. - If the default preferences template doesn't suit your needs, you can create a - template located in your `site_apt` module, and set custom_preferences with the - content (eg. custom_preferences => template('site_apt/preferences') ) +### custom_preferences - Setting this variable to false before including this class will force the - `apt/preferences` file to be absent: + If the default preferences template doesn't suit your needs, you can create a + template located in your `apt` module, and set `custom_preferences` to your + preferred template: class { 'apt': - custom_preferences => false, + custom_preferences => 'apt/my_super_template.erb', } ### custom_sources_list @@ -628,7 +623,36 @@ to their latest (also, only if they are installed): } -# Resources<a name="ressources"></a> +## apt::dpkg_statoverride<a name="apt-dpkg_statoverride"></a> + +Override ownership and mode of files. This define takes the following parameters: + +[*name*] + Implicit parameter. + File path. + +[*user*] + User name (or user id if prepended with '#'). + +[*group*] + Group name (or group id if prepended with '#'). + +[*mode*] + File mode, in octal + +[*ensure*] + Whether to add or delete this configuration + + +Example usage: + + apt::dpkg_statoverride { '/var/log/puppet': + user => 'puppet', + group => 'puppet', + mode => '750', + } + +# Resources<a name="resources"></a> ## File['apt_config']<a name="file-apt-config"></a> diff --git a/manifests/config.pp b/manifests/config.pp index 542fc1f..50a8ebd 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -3,7 +3,6 @@ class apt::config { exec { 'update_apt': command => '/usr/bin/apt-get update', require => [ File['/etc/apt/apt.conf.d', - '/etc/apt/preferences', '/etc/apt/sources.list'] ], refreshonly => true; } diff --git a/manifests/dpkg_statoverride.pp b/manifests/dpkg_statoverride.pp new file mode 100644 index 0000000..79ef4f1 --- /dev/null +++ b/manifests/dpkg_statoverride.pp @@ -0,0 +1,75 @@ +# = Define: apt::dpkg_statoverride +# +# Override ownership and mode of files +# +# +# == Parameters +# +# [*name*] +# Implicit parameter. +# File path. +# +# [*user*] +# User name (or user id if prepended with '#'). +# +# [*group*] +# Group name (or group id if prepended with '#'). +# +# [*mode*] +# File mode, in octal +# +# [*ensure*] +# Whether to add or delete this configuration +# +# +# == Examples +# +# Usage: +# apt::dpkg_statoverride { '/var/log/puppet': +# user => 'puppet', +# group => 'puppet', +# mode => '750', +# } +# +# == License +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# == Copyright +# +# Copyright 2014-2016 Mathieu Parent +# +define apt::dpkg_statoverride( + $user, + $group, + $mode, + $ensure = present +) { + case $ensure { + 'present': { + exec { "dpkg_statoverride_${name}-add": + command => "dpkg-statoverride --update --add '${user}' '${group}' '${mode}' '${name}'", + unless => "dpkg-statoverride --list '${name}' | grep '${user} ${group} ${mode} ${name}'", + } + } + 'absent': { + exec { "dpkg_statoverride_${name}-add": + command => "dpkg-statoverride --remove '${name}'", + onlyif => "dpkg-statoverride --list '${name}'", + } + } + default: { + fail("Unknown value for \$ensure: '${ensure}'") + } + } +} diff --git a/manifests/init.pp b/manifests/init.pp index 26afaeb..25e35ff 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -15,6 +15,7 @@ class apt ( $volatile_url = $apt::params::volatile_url, $ubuntu_url = $apt::params::ubuntu_url, $repos = $apt::params::repos, + $manage_preferences = $apt::params::manage_preferences, $custom_preferences = $apt::params::custom_preferences, $custom_sources_list = '', $custom_key_dir = $apt::params::custom_key_dir, @@ -23,17 +24,10 @@ class apt ( include apt::dot_d_directories include apt::config include apt::install + include apt::preferences include common::moduledir common::module_dir { 'apt': } $apt_base_dir = "${common::moduledir::module_dir_path}/apt" - case $custom_preferences { - false: { - include apt::preferences::absent - } - default: { - include apt::preferences - } - } } diff --git a/manifests/params.pp b/manifests/params.pp index 463cd63..3879c81 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -1,14 +1,16 @@ class apt::params () { - $use_lts = false - $use_volatile = false - $use_backports = true - $include_src = false - $use_next_release = false - $debian_url = 'http://httpredir.debian.org/debian/' - $security_url = 'http://security.debian.org/' - $ubuntu_url = 'http://archive.ubuntu.com/ubuntu' - $lts_url = $debian_url - $volatile_url = 'http://volatile.debian.org/debian-volatile/' + $use_lts = false + $use_volatile = false + $use_backports = true + $include_src = false + $use_next_release = false + $manage_preferences = true + $custom_preferences = undef + $debian_url = 'http://httpredir.debian.org/debian/' + $security_url = 'http://security.debian.org/' + $ubuntu_url = 'http://archive.ubuntu.com/ubuntu' + $lts_url = $debian_url + $volatile_url = 'http://volatile.debian.org/debian-volatile/' case $::operatingsystem { 'debian': { $repos = 'main contrib non-free' @@ -20,6 +22,5 @@ class apt::params () { fail("Unsupported system '${::operatingsystem}'.") } } - $custom_preferences = '' $custom_key_dir = false } diff --git a/manifests/preferences.pp b/manifests/preferences.pp index d3eb780..ce28d37 100644 --- a/manifests/preferences.pp +++ b/manifests/preferences.pp @@ -1,19 +1,110 @@ class apt::preferences { - $pref_contents = $apt::custom_preferences ? { - '' => $::operatingsystem ? { - 'debian' => template("apt/${::operatingsystem}/preferences.erb"), - 'ubuntu' => template("apt/${::operatingsystem}/preferences_${apt::codename}.erb"), - }, - default => $apt::custom_preferences + file { '/etc/apt/preferences': + ensure => absent; } - file { '/etc/apt/preferences': - ensure => present, - alias => 'apt_config', - # only update together - content => $pref_contents, - require => File['/etc/apt/sources.list'], - owner => root, group => 0, mode => '0644'; + if ($apt::manage_preferences == true) and ($apt::custom_preferences != undef) { + + file { + '/etc/apt/preferences.d/custom': + ensure => present, + alias => 'apt_config', + content => template($apt::custom_preferences), + require => File['/etc/apt/sources.list'], + owner => root, group => 0, mode => '0644'; + + '/etc/apt/preferences.d/stable': + ensure => absent; + + '/etc/apt/preferences.d/volatile': + ensure => absent; + + '/etc/apt/preferences.d/lts': + ensure => absent; + + '/etc/apt/preferences.d/nextcodename': + ensure => absent; + } + } + + elsif $apt::manage_preferences == true { + + if $::operatingsystem == "Debian" { + + file { + '/etc/apt/preferences.d/stable': + ensure => present, + alias => 'apt_config', + content => template('apt/Debian/stable.erb'), + require => File['/etc/apt/sources.list'], + owner => root, group => 0, mode => '0644'; + + '/etc/apt/preferences.d/custom': + ensure => absent; + } + + if $apt::use_volatile { + + file { '/etc/apt/preferences.d/volatile': + ensure => present, + content => template('apt/Debian/volatile.erb'), + require => File['/etc/apt/sources.list'], + owner => root, group => 0, mode => '0644'; + } + } + + if $apt::use_lts { + + file { '/etc/apt/preferences.d/lts': + ensure => present, + content => template('apt/Debian/lts.erb'), + require => File['/etc/apt/sources.list'], + owner => root, group => 0, mode => '0644'; + } + } + + if ($::debian_nextcodename) and ($::debian_nextcodename != "experimental") { + + file { '/etc/apt/preferences.d/nextcodename': + ensure => present, + content => template('apt/Debian/nextcodename.erb'), + require => File['/etc/apt/sources.list'], + owner => root, group => 0, mode => '0644'; + } + } + } + + elsif $::operatingsystem == "Ubuntu" { + + file { '/etc/apt/preferences': + ensure => present, + alias => 'apt_config', + # only update together + content => template("apt/Ubuntu/preferences_${apt::codename}.erb"), + require => File['/etc/apt/sources.list'], + owner => root, group => 0, mode => '0644'; + } + } + } + + elsif $apt::manage_preferences == false { + + file { + '/etc/apt/preferences.d/custom': + ensure => absent; + + '/etc/apt/preferences.d/stable': + ensure => absent; + + '/etc/apt/preferences.d/volatile': + ensure => absent; + + '/etc/apt/preferences.d/lts': + ensure => absent; + + '/etc/apt/preferences.d/nextcodename': + ensure => absent; + } } } diff --git a/manifests/preferences/absent.pp b/manifests/preferences/absent.pp deleted file mode 100644 index f32e030..0000000 --- a/manifests/preferences/absent.pp +++ /dev/null @@ -1,7 +0,0 @@ -class apt::preferences::absent { - - file { '/etc/apt/preferences': - ensure => absent, - alias => 'apt_config', - } -} diff --git a/manifests/preferences_snippet.pp b/manifests/preferences_snippet.pp index 8905318..04fb010 100644 --- a/manifests/preferences_snippet.pp +++ b/manifests/preferences_snippet.pp @@ -13,9 +13,6 @@ define apt::preferences_snippet ( } if $ensure == 'present' { - if $apt::custom_preferences == false { - fail('Trying to define a preferences_snippet with $custom_preferences set to false.') - } if $priority == undef { fail("apt::preferences_snippet requires the 'priority' argument to be set") diff --git a/templates/Debian/fallback.erb b/templates/Debian/fallback.erb new file mode 100644 index 0000000..1c75e83 --- /dev/null +++ b/templates/Debian/fallback.erb @@ -0,0 +1,7 @@ +# This file is managed by puppet +# all local modifications will be overwritten + +Explanation: Debian fallback +Package: * +Pin: release o=Debian +Pin-Priority: -10 diff --git a/templates/Debian/lts.erb b/templates/Debian/lts.erb new file mode 100644 index 0000000..a77835e --- /dev/null +++ b/templates/Debian/lts.erb @@ -0,0 +1,7 @@ +# This file is managed by puppet +# all local modifications will be overwritten + +Explanation: Debian <%= @debian_codename %>-lts +Package: * +Pin: release o=Debian,n=<%= @debian_codename %>-lts +Pin-Priority: 990 diff --git a/templates/Debian/nextcodename.erb b/templates/Debian/nextcodename.erb new file mode 100644 index 0000000..2bec9ad --- /dev/null +++ b/templates/Debian/nextcodename.erb @@ -0,0 +1,7 @@ +# This file is managed by puppet +# all local modifications will be overwritten + +Explanation: Debian <%= @debian_nextcodename %> +Package: * +Pin: release o=Debian,n=<%= @debian_nextcodename %> +Pin-Priority: 2 diff --git a/templates/Debian/stable.erb b/templates/Debian/stable.erb new file mode 100644 index 0000000..be05e51 --- /dev/null +++ b/templates/Debian/stable.erb @@ -0,0 +1,7 @@ +# This file is managed by puppet +# all local modifications will be overwritten + +Explanation: Debian <%= @debian_codename %> +Package: * +Pin: release o=Debian,n=<%= @debian_codename %> +Pin-Priority: 990 diff --git a/templates/Debian/volatile.erb b/templates/Debian/volatile.erb new file mode 100644 index 0000000..47ec2d8 --- /dev/null +++ b/templates/Debian/volatile.erb @@ -0,0 +1,7 @@ +# This file is managed by puppet +# all local modifications will be overwritten + +Explanation: Debian <%= @debian_codename %>-updates +Package: * +Pin: release o=Debian,n=<%= @debian_codename %>-updates +Pin-Priority: 990 |