diff options
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/apt_conf.pp | 6 | ||||
| -rw-r--r-- | manifests/apticron.pp | 2 | ||||
| -rw-r--r-- | manifests/cron/base.pp | 20 | ||||
| -rw-r--r-- | manifests/cron/dist_upgrade.pp | 21 | ||||
| -rw-r--r-- | manifests/cron/download.pp | 27 | ||||
| -rw-r--r-- | manifests/dist_upgrade.pp | 5 | ||||
| -rw-r--r-- | manifests/init.pp | 30 | ||||
| -rw-r--r-- | manifests/listchanges.pp | 2 | ||||
| -rw-r--r-- | manifests/params.pp | 19 | ||||
| -rw-r--r-- | manifests/preferences.pp | 4 | ||||
| -rw-r--r-- | manifests/preferences_snippet.pp | 10 | ||||
| -rw-r--r-- | manifests/preseeded_package.pp | 5 | ||||
| -rw-r--r-- | manifests/proxy_client.pp | 2 | ||||
| -rw-r--r-- | manifests/reboot_required_notify.pp | 22 | ||||
| -rw-r--r-- | manifests/reboot_required_notify/jessie.pp | 28 | ||||
| -rw-r--r-- | manifests/reboot_required_notify/wheezy.pp | 23 | ||||
| -rw-r--r-- | manifests/sources_list.pp | 13 | ||||
| -rw-r--r-- | manifests/unattended_upgrades.pp | 2 | ||||
| -rw-r--r-- | manifests/upgrade_package.pp | 4 |
19 files changed, 126 insertions, 119 deletions
diff --git a/manifests/apt_conf.pp b/manifests/apt_conf.pp index 949f615..fa8cfa3 100644 --- a/manifests/apt_conf.pp +++ b/manifests/apt_conf.pp @@ -1,15 +1,15 @@ define apt::apt_conf( $ensure = 'present', - $source = '', + $source = undef, $content = undef, $refresh_apt = true ) { - if $source == '' and $content == undef { + if $source == undef and $content == undef { fail("One of \$source or \$content must be specified for apt_conf ${name}") } - if $source != '' and $content != undef { + if $source != undef and $content != undef { fail("Only one of \$source or \$content must specified for apt_conf ${name}") } diff --git a/manifests/apticron.pp b/manifests/apticron.pp index 9c94f9c..89709a8 100644 --- a/manifests/apticron.pp +++ b/manifests/apticron.pp @@ -1,6 +1,6 @@ class apt::apticron( $ensure_version = 'installed', - $config = "apt/${::operatingsystem}/apticron_${::debian_codename}.erb", + $config = "apt/${::operatingsystem}/apticron.erb", $email = 'root', $diff_only = '1', $listchanges_profile = 'apticron', diff --git a/manifests/cron/base.pp b/manifests/cron/base.pp deleted file mode 100644 index 39fc306..0000000 --- a/manifests/cron/base.pp +++ /dev/null @@ -1,20 +0,0 @@ -class apt::cron::base { - - package { 'cron-apt': ensure => installed } - - case $apt_cron_hours { - '': {} - default: { - # cron-apt defaults to run every night at 4 o'clock - # so we try not to run at the same time. - cron { 'apt_cron_every_N_hours': - command => 'test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt', - user => root, - hour => "${apt_cron_hours}", - minute => 10, - require => Package['cron-apt'], - } - } - } - -} diff --git a/manifests/cron/dist_upgrade.pp b/manifests/cron/dist_upgrade.pp index 74403bb..e1a03ed 100644 --- a/manifests/cron/dist_upgrade.pp +++ b/manifests/cron/dist_upgrade.pp @@ -1,4 +1,23 @@ -class apt::cron::dist_upgrade inherits apt::cron::base { +class apt::cron::dist_upgrade ( + $cron_hours = '', +) { + + package { 'cron-apt': ensure => installed } + + case $cron_hours { + '': {} + default: { + # cron-apt defaults to run every night at 4 o'clock + # so we try not to run at the same time. + cron { 'apt_cron_every_N_hours': + command => 'test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt', + user => root, + hour => "${cron_hours}", + minute => 10, + require => Package['cron-apt'], + } + } + } $action = "autoclean -y dist-upgrade -y -o APT::Get::Show-Upgraded=true -o 'DPkg::Options::=--force-confold' diff --git a/manifests/cron/download.pp b/manifests/cron/download.pp deleted file mode 100644 index 4a19fec..0000000 --- a/manifests/cron/download.pp +++ /dev/null @@ -1,27 +0,0 @@ -class apt::cron::download inherits apt::cron::base { - - $action = "autoclean -y -dist-upgrade -d -y -o APT::Get::Show-Upgraded=true -" - - file { '/etc/cron-apt/action.d/4-dist-upgrade': - ensure => absent, - } - - file { '/etc/cron-apt/action.d/3-download': - content => $action, - require => Package[cron-apt], - owner => root, - group => 0, - mode => '0644'; - } - - file { '/etc/cron-apt/config.d/MAILON': - content => "MAILON=changes\n", - require => Package[cron-apt], - owner => root, - group => 0, - mode => '0644'; - } - -} diff --git a/manifests/dist_upgrade.pp b/manifests/dist_upgrade.pp index 19c031e..3061fb8 100644 --- a/manifests/dist_upgrade.pp +++ b/manifests/dist_upgrade.pp @@ -1,8 +1,11 @@ -class apt::dist_upgrade { +class apt::dist_upgrade ( + $timeout = 300, +) { exec { 'apt_dist-upgrade': command => '/usr/bin/apt-get -q -y -o \'DPkg::Options::=--force-confold\' dist-upgrade', refreshonly => true, + timeout => $timeout, before => Exec['apt_updated'] } diff --git a/manifests/init.pp b/manifests/init.pp index 4c44af2..3d93d22 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -11,7 +11,6 @@ class apt( $use_next_release = $apt::params::use_next_release, $debian_url = $apt::params::debian_url, $security_url = $apt::params::security_url, - $backports_url = $apt::params::backports_url, $lts_url = $apt::params::lts_url, $volatile_url = $apt::params::volatile_url, $ubuntu_url = $apt::params::ubuntu_url, @@ -20,20 +19,6 @@ class apt( $custom_sources_list = '', $custom_key_dir = $apt::params::custom_key_dir ) inherits apt::params { - case $::operatingsystem { - 'debian': { - $real_repos = $repos ? { - 'auto' => 'main contrib non-free', - default => $repos, - } - } - 'ubuntu': { - $real_repos = $repos ? { - 'auto' => 'main restricted universe multiverse', - default => $repos, - } - } - } package { 'apt': ensure => installed, @@ -55,14 +40,14 @@ class apt( mode => '0644'; } - apt_conf { '02show_upgraded': + ::apt::apt_conf { '02show_upgraded': source => [ "puppet:///modules/site_apt/${::fqdn}/02show_upgraded", 'puppet:///modules/site_apt/02show_upgraded', 'puppet:///modules/apt/02show_upgraded' ] } if ( $::virtual == 'vserver' ) { - apt_conf { '03clean_vserver': + ::apt::apt_conf { '03clean_vserver': source => [ "puppet:///modules/site_apt/${::fqdn}/03clean_vserver", 'puppet:///modules/site_apt/03clean_vserver', 'puppet:///modules/apt/03clean_vserver' ], @@ -70,7 +55,7 @@ class apt( } } else { - apt_conf { '03clean': + ::apt::apt_conf { '03clean': source => [ "puppet:///modules/site_apt/${::fqdn}/03clean", 'puppet:///modules/site_apt/03clean', 'puppet:///modules/apt/03clean' ] @@ -82,8 +67,6 @@ class apt( include apt::preferences::absent } default: { - # When squeeze becomes the stable branch, transform this file's header - # into a preferences.d file include apt::preferences } } @@ -93,18 +76,15 @@ class apt( ## This package should really always be current package { 'debian-archive-keyring': ensure => latest } - # backports uses the normal archive key now - package { 'debian-backports-keyring': ensure => absent } - if ($use_backports and !($::debian_release in ['testing', 'unstable', 'experimental'])) { apt::sources_list { 'backports': - content => "deb $backports_url ${::debian_codename}-backports ${apt::real_repos}", + content => "deb ${debian_url} ${::debian_codename}-backports ${apt::repos}", } if $include_src { apt::sources_list { 'backports-src': - content => "deb-src $backports_url ${::debian_codename}-backports ${apt::real_repos}", + content => "deb-src ${debian_url} ${::debian_codename}-backports ${apt::repos}", } } } diff --git a/manifests/listchanges.pp b/manifests/listchanges.pp index e64bb1b..ecbbe6d 100644 --- a/manifests/listchanges.pp +++ b/manifests/listchanges.pp @@ -1,6 +1,6 @@ class apt::listchanges( $ensure_version = 'installed', - $config = "apt/${::operatingsystem}/listchanges_${::debian_codename}.erb", + $config = "apt/${::operatingsystem}/listchanges.erb", $frontend = 'mail', $email = 'root', $confirm = '0', diff --git a/manifests/params.pp b/manifests/params.pp index 28af06e..2b18eb5 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -7,16 +7,19 @@ class apt::params () { $debian_url = 'http://httpredir.debian.org/debian/' $security_url = 'http://security.debian.org/' $ubuntu_url = 'http://archive.ubuntu.com/ubuntu' - $backports_url = $::debian_codename ? { - 'squeeze' => 'http://backports.debian.org/debian-backports/', - default => $::operatingsystem ? { - 'Ubuntu' => $ubuntu_url, - default => $debian_url, - } - } $lts_url = $debian_url $volatile_url = 'http://volatile.debian.org/debian-volatile/' - $repos = 'auto' + case $::operatingsystem { + 'debian': { + $repos = 'main contrib non-free' + } + 'ubuntu': { + $repos = 'main restricted universe multiverse' + } + default: { + fail("Unsupported system '${::operatingsystem}'.") + } + } $custom_preferences = '' $custom_key_dir = false } diff --git a/manifests/preferences.pp b/manifests/preferences.pp index 6982ca0..aedd56b 100644 --- a/manifests/preferences.pp +++ b/manifests/preferences.pp @@ -2,8 +2,8 @@ class apt::preferences { $pref_contents = $apt::custom_preferences ? { '' => $::operatingsystem ? { - 'debian' => template("apt/${::operatingsystem}/preferences_${::debian_codename}.erb"), - 'ubuntu' => template("apt/${::operatingsystem}/preferences_${::ubuntu_codename}.erb"), + 'debian' => template("apt/${::operatingsystem}/preferences.erb"), + 'ubuntu' => template("apt/${::operatingsystem}/preferences_${apt::codename}.erb"), }, default => $apt::custom_preferences } diff --git a/manifests/preferences_snippet.pp b/manifests/preferences_snippet.pp index b7dba0d..2b2fb74 100644 --- a/manifests/preferences_snippet.pp +++ b/manifests/preferences_snippet.pp @@ -2,9 +2,9 @@ define apt::preferences_snippet ( $priority = undef, $package = false, $ensure = 'present', - $source = '', - $release = '', - $pin = '' + $source = undef, + $release = undef, + $pin = undef ) { $real_package = $package ? { @@ -36,9 +36,9 @@ define apt::preferences_snippet ( } case $source { - '': { + undef: { case $release { - '': { + undef: { File["/etc/apt/preferences.d/${name}"]{ content => template('apt/preferences_snippet.erb') } diff --git a/manifests/preseeded_package.pp b/manifests/preseeded_package.pp index 3ef0687..162ade7 100644 --- a/manifests/preseeded_package.pp +++ b/manifests/preseeded_package.pp @@ -1,3 +1,4 @@ +# Install a package with a preseed file to automatically answer some questions. define apt::preseeded_package ( $ensure = 'installed', $content = '' @@ -10,7 +11,9 @@ define apt::preseeded_package ( file { $seedfile: content => $real_content, - mode => '0600', owner => root, group => root, + mode => '0600', + owner => 'root', + group => 0, } package { $name: diff --git a/manifests/proxy_client.pp b/manifests/proxy_client.pp index 9ba79f2..e7972f7 100644 --- a/manifests/proxy_client.pp +++ b/manifests/proxy_client.pp @@ -3,7 +3,7 @@ class apt::proxy_client( $port = '3142', ){ - apt_conf { '20proxy': + ::apt::apt_conf { '20proxy': content => template('apt/20proxy.erb'), } } diff --git a/manifests/reboot_required_notify.pp b/manifests/reboot_required_notify.pp index 722e8a5..efd8aeb 100644 --- a/manifests/reboot_required_notify.pp +++ b/manifests/reboot_required_notify.pp @@ -1,21 +1,11 @@ class apt::reboot_required_notify { - # This package installs the script that created /var/run/reboot-required*. - # This script (/usr/share/update-notifier/notify-reboot-required) is - # triggered e.g. by kernel packages. - package { 'update-notifier-common': - ensure => installed, - } - - # cron-apt defaults to run every night at 4 o'clock - # plus some random time <1h. - # so we check if a reboot is required a bit later. - cron { 'apt_reboot_required_notify': - command => 'if [ -f /var/run/reboot-required ]; then echo "Reboot required\n" ; cat /var/run/reboot-required.pkgs ; fi', - user => root, - hour => 5, - minute => 20, - require => Package['update-notifier-common'], + if versioncmp($::operatingsystemmajrelease, 8) >= 0 { + class { 'apt::reboot_required_notify::jessie': } + # Clean up systems that were upgraded from Wheezy or earlier: + class { 'apt::reboot_required_notify::wheezy': ensure => absent } + } else { + class { 'apt::reboot_required_notify::wheezy': } } } diff --git a/manifests/reboot_required_notify/jessie.pp b/manifests/reboot_required_notify/jessie.pp new file mode 100644 index 0000000..2de6b62 --- /dev/null +++ b/manifests/reboot_required_notify/jessie.pp @@ -0,0 +1,28 @@ +class apt::reboot_required_notify::jessie ($ensure = present) { + + if $::operatingsystemmajrelease == 8 and ! $::apt::use_backports { + fail('apt::reboot_required_notify requires $apt::use_backports on Jessie') + } + + $pinning_ensure = $::operatingsystemmajrelease ? { + 8 => present, + default => absent, + } + apt::preferences_snippet { 'reboot-notifier': + ensure => $pinning_ensure, + pin => 'release o=Debian Backports,a=jessie-backports', + priority => 991, + } + + # On Jessie and newer, this package installs the script that created + # /var/run/reboot-required*. + # This script (/usr/share/update-notifier/notify-reboot-required) is + # triggered e.g. by kernel packages. + # This package also sends a daily email to the administrator when a system + # reboot is required, e.g. due to a kernel update. + package { 'reboot-notifier': + ensure => $ensure, + require => Apt::Preferences_snippet['reboot-notifier'], + } + +} diff --git a/manifests/reboot_required_notify/wheezy.pp b/manifests/reboot_required_notify/wheezy.pp new file mode 100644 index 0000000..06998ef --- /dev/null +++ b/manifests/reboot_required_notify/wheezy.pp @@ -0,0 +1,23 @@ +class apt::reboot_required_notify::wheezy ($ensure = present) { + + # On Wheezy and older, this package installs the script that created + # /var/run/reboot-required*. + # This script (/usr/share/update-notifier/notify-reboot-required) is + # triggered e.g. by kernel packages. + package { 'update-notifier-common': + ensure => $ensure, + } + + # cron-apt defaults to run every night at 4 o'clock + # plus some random time <1h. + # so we check if a reboot is required a bit later. + cron { 'apt_reboot_required_notify': + ensure => $ensure, + command => 'if [ -f /var/run/reboot-required ]; then echo "Reboot required\n" ; cat /var/run/reboot-required.pkgs ; fi', + user => root, + hour => 5, + minute => 20, + require => Package['update-notifier-common'], + } + +} diff --git a/manifests/sources_list.pp b/manifests/sources_list.pp index 0ee068d..6ff4fc3 100644 --- a/manifests/sources_list.pp +++ b/manifests/sources_list.pp @@ -1,14 +1,15 @@ +# Configure an apt source define apt::sources_list ( - $ensure = 'present', - $source = '', + $ensure = 'present', + $source = undef, $content = undef ) { if $ensure == 'present' { - if $source == '' and $content == undef { + if $source == undef and $content == undef { fail("One of \$source or \$content must be specified for apt_sources_snippet ${name}") } - if $source != '' and $content != undef { + if $source != undef and $content != undef { fail("Only one of \$source or \$content must specified for apt_sources_snippet ${name}") } } @@ -22,7 +23,9 @@ define apt::sources_list ( # apparently doesn't. file { "/etc/apt/sources.list.d/${realname}.list": ensure => $ensure, - owner => root, group => 0, mode => '0644', + mode => '0644', + owner => 'root', + group => 0, notify => Exec['apt_updated'], } diff --git a/manifests/unattended_upgrades.pp b/manifests/unattended_upgrades.pp index 52d7542..d604125 100644 --- a/manifests/unattended_upgrades.pp +++ b/manifests/unattended_upgrades.pp @@ -26,7 +26,7 @@ class apt::unattended_upgrades ( default => $config_content } - apt_conf { '50unattended-upgrades': + ::apt::apt_conf { '50unattended-upgrades': content => $file_content, require => Package['unattended-upgrades'], refresh_apt => false diff --git a/manifests/upgrade_package.pp b/manifests/upgrade_package.pp index 30572c9..e61b15d 100644 --- a/manifests/upgrade_package.pp +++ b/manifests/upgrade_package.pp @@ -1,3 +1,5 @@ +# Install a package either to a certain version, or while making sure that it's +# always the latest version that's installed. define apt::upgrade_package ( $version = '' ) { @@ -23,7 +25,7 @@ define apt::upgrade_package ( } exec { "apt-get -q -y -o 'DPkg::Options::=--force-confold' install ${name}${version_suffix}": - onlyif => [ "grep-status -F Status installed -a -P $name -q", "apt-show-versions -u $name | grep -q upgradeable" ], + onlyif => [ "grep-status -F Status installed -a -P ${name} -q", "apt-show-versions -u ${name} | grep -q upgradeable" ], require => Package['apt-show-versions', 'dctrl-tools'], before => Exec['apt_updated'] } |