summaryrefslogtreecommitdiff
path: root/templates/50unattended-upgrades.erb
diff options
context:
space:
mode:
Diffstat (limited to 'templates/50unattended-upgrades.erb')
-rw-r--r--templates/50unattended-upgrades.erb34
1 files changed, 34 insertions, 0 deletions
diff --git a/templates/50unattended-upgrades.erb b/templates/50unattended-upgrades.erb
new file mode 100644
index 0000000..4492c2d
--- /dev/null
+++ b/templates/50unattended-upgrades.erb
@@ -0,0 +1,34 @@
+// this file is managed by puppet !
+
+Unattended-Upgrade::Allowed-Origins {
+<% if scope.lookupvar('::operatingsystem') == 'Ubuntu' -%>
+ "${distro_id}:${distro_codename}-security";
+ "${distro_id}:${distro_codename}-updates";
+ "${distro_id}:${distro_codename}-backports";
+<% else -%>
+<% if scope.lookupvar('::lsbdistcodename') == 'squeeze' -%>
+ "${distro-id} ${distro-codename}-security";
+ "${distro-id} ${distro-codename}-lts";
+<% else -%>
+ # See Debian bug #704087
+ "o=Debian,a=oldstable,l=Debian-Security";
+ "o=Debian,a=stable,l=Debian-Security";
+<% end -%>
+};
+
+<% if not @blacklisted_packages.empty? -%>
+Unattended-Upgrade::Package-Blacklist {
+<% @blacklisted_packages.each do |pkg| -%>
+ "<%= pkg %>";
+<% end -%>
+}
+<% end -%>
+
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Download-Upgradeable-Packages "1";
+APT::Periodic::Unattended-Upgrade "1";
+
+Unattended-Upgrade::Mail "<%= @mail_recipient -%>";
+<% if @mailonlyonerror -%>
+Unattended-Upgrade::MailOnlyOnError "true";
+<% end -%>
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-12 15:06:18 +0000