From 52ebb41690d523dc40fcbc0424008cbc38ef26f4 Mon Sep 17 00:00:00 2001 From: Gabriel Filion Date: Mon, 29 Nov 2010 13:37:53 -0500 Subject: apt_conf: change mode to 644 Current mode (600) makes it impossible to use apt-cache to search for package names and info, since it tries to read all configuration files in /etc/apt/apt.conf.d before executing. Change configuration file mode to 644 so that search tasks can be made without root priviledge. --- manifests/apt_conf.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/apt_conf.pp b/manifests/apt_conf.pp index 62e4377..cce0e6e 100644 --- a/manifests/apt_conf.pp +++ b/manifests/apt_conf.pp @@ -13,7 +13,7 @@ define apt::apt_conf( file { "/etc/apt/apt.conf.d/${name}": ensure => $ensure, notify => Exec["refresh_apt"], - owner => root, group => 0, mode => 0600; + owner => root, group => 0, mode => 0644; } if $source { -- cgit v1.2.3 From 2ee70ab5e08eadfe750b5b7131b258270cbca402 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Dec 2010 12:20:14 -0500 Subject: Set dselect DSelect::Clean to 'pre-auto' by default for hosts that are vservers. Before you only had the choice of setting a 03clean apt configuration for either all hosts, or every single host. Setting it to have the recommended settings for vservers for all hosts meant that you were setting it for non-vservers as well as vservers. The other option you had was to set it per host. This was a bit annoying if you have any more than one vserver because you would need to create a 03clean for every single vserver guest. This change auto-detects if the node is a vserver, and if it is it automatically installs the 03clean_vserver file, with the recommended DSelect::Clean settings, and allows you to override this for all of your vservers, or for specific hosts. --- README | 17 +++++++++-------- files/03clean_vserver | 4 ++++ manifests/init.pp | 19 ++++++++++++++----- 3 files changed, 27 insertions(+), 13 deletions(-) create mode 100644 files/03clean_vserver diff --git a/README b/README index 4c5e727..8118d3c 100644 --- a/README +++ b/README @@ -20,10 +20,10 @@ This module needs: - lsb-release installed - the common module: git://labs.riseup.net/shared-common -By default, this module sets the configuration option DSelect::Clean to 'auto'. -It is the recommended value on normal hosts. On virtual servers, the -recommended value is 'pre-auto', since virtual servers are usually more -space-bound and have better recovery mechanisms via the host: +By default, on normal hosts, this module sets the configuration option +DSelect::Clean to 'auto'. On virtual servers, the value is set by default to +'pre-auto', because virtual servers are usually more space-bound and have better +recovery mechanisms via the host: From apt.conf(5), 0.7.2: "Cache Clean mode; this value may be one of always, prompt, auto, @@ -35,10 +35,11 @@ From apt.conf(5), 0.7.2: packages." To change the default setting for DSelect::Clean, you can create a file named -"03clean" in a site-apt module's files directory. You can also define this for -a specific host by creating a file in a subdirectory of the site-apt modules' -files directory that is named the same as the host. (example: -site-apt/files/some.host.com/03clean) +"03clean" or "03clean_vserver" in your site-apt module's files directory. You +can also define this for a specific host by creating a file in a subdirectory of +the site-apt modules' files directory that is named the same as the +host. (example: site-apt/files/some.host.com/03clean, or +site-apt/files/some.host.com/03clean_vserver) Variables ========= diff --git a/files/03clean_vserver b/files/03clean_vserver new file mode 100644 index 0000000..6bb84e5 --- /dev/null +++ b/files/03clean_vserver @@ -0,0 +1,4 @@ +// This file is managed by Puppet +// all local modifications will be overwritten + +DSelect::Clean pre-auto; diff --git a/manifests/init.pp b/manifests/init.pp index 3f2a523..179b4d8 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -93,12 +93,21 @@ class apt { "puppet:///modules/apt/02show_upgraded"] } - apt_conf { "03clean": - source => ["puppet:///modules/site-apt/${fqdn}/03clean", - "puppet:///modules/site-apt/03clean", - "puppet:///modules/apt/03clean"] + if ( $virtual == "vserver" ) { + apt_conf { "03clean_vserver": + source => ["puppet:///modules/site-apt/${fqdn}/03clean_vserver", + "puppet:///modules/site-apt/03clean_vserver", + "puppet:///modules/apt/03clean_vserver"] + } } - + else { + apt_conf { "03clean": + source => ["puppet:///modules/site-apt/${fqdn}/03clean", + "puppet:///modules/site-apt/03clean", + "puppet:///modules/apt/03clean"] + } + } + case $custom_preferences { false: { include apt::preferences::absent -- cgit v1.2.3 From bb03c32b4589400bd03d76645db6d8bb869424ed Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Dec 2010 12:46:37 -0500 Subject: switch the default $debian_url to use the Debian CDN mirror address. The CDN checks your IP and uses the Max-Mind geoIP DB to determine your location and then uses your local country Debian Mirror, or if your local country doesn't have a debian mirror, it uses the local continent. It automatically checks and prunes dead mirrors. the technology for the Debian CDN setup is still improving, I believe that ASN-number associations are the next step to attempt to make more informed, finer-grained choices. This is more useful than using ftp.debian.org because that is just a round-robin DNS entry that could get you any mirror anywhere. --- manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index 179b4d8..e7eac33 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -21,7 +21,7 @@ class apt { } $debian_url = $apt_debian_url ? { - '' => 'http://ftp.debian.org/debian/', + '' => 'http://cdn.debian.net/debian/', default => "${apt_debian_url}", } $security_url = $apt_security_url ? { -- cgit v1.2.3 From e15283b781f35779a75415725cd315104879aa67 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Dec 2010 13:18:41 -0500 Subject: format standardization --- manifests/apt_conf.pp | 6 ++++-- manifests/cron/base.pp | 3 ++- manifests/dselect.pp | 1 + manifests/init.pp | 33 ++++++++++++++------------------- manifests/preferences.pp | 4 ++-- manifests/preferences/absent.pp | 3 ++- manifests/preferences_snippet.pp | 5 +++-- manifests/preseeded_package.pp | 2 +- manifests/sources_list.pp | 5 +++-- manifests/unattended_upgrades.pp | 3 ++- manifests/upgrade_package.pp | 1 + 11 files changed, 35 insertions(+), 31 deletions(-) diff --git a/manifests/apt_conf.pp b/manifests/apt_conf.pp index 62e4377..a18a9bd 100644 --- a/manifests/apt_conf.pp +++ b/manifests/apt_conf.pp @@ -1,11 +1,13 @@ define apt::apt_conf( $ensure = 'present', $source = '', - $content = undef -){ + $content = undef ) +{ + if $source == '' and $content == undef { fail("One of \$source or \$content must be specified for apt_conf ${name}") } + if $source != '' and $content != undef { fail("Only one of \$source or \$content must specified for apt_conf ${name}") } diff --git a/manifests/cron/base.pp b/manifests/cron/base.pp index 2cfbefb..de55772 100644 --- a/manifests/cron/base.pp +++ b/manifests/cron/base.pp @@ -1,3 +1,4 @@ class apt::cron::base { - package { cron-apt: ensure => installed } + + package { cron-apt: ensure => installed } } diff --git a/manifests/dselect.pp b/manifests/dselect.pp index 52c66cb..45a5ddc 100644 --- a/manifests/dselect.pp +++ b/manifests/dselect.pp @@ -1,4 +1,5 @@ class apt::dselect { + # suppress annoying help texts of dselect append_if_no_such_line { dselect_expert: file => "/etc/dpkg/dselect.cfg", diff --git a/manifests/init.pp b/manifests/init.pp index e7eac33..4ca2b2e 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -88,23 +88,23 @@ class apt { } apt_conf { "02show_upgraded": - source => ["puppet:///modules/site-apt/${fqdn}/02show_upgraded", - "puppet:///modules/site-apt/02show_upgraded", - "puppet:///modules/apt/02show_upgraded"] + source => [ "puppet:///modules/site-apt/${fqdn}/02show_upgraded", + "puppet:///modules/site-apt/02show_upgraded", + "puppet:///modules/apt/02show_upgraded" ] } if ( $virtual == "vserver" ) { apt_conf { "03clean_vserver": - source => ["puppet:///modules/site-apt/${fqdn}/03clean_vserver", - "puppet:///modules/site-apt/03clean_vserver", - "puppet:///modules/apt/03clean_vserver"] + source => [ "puppet:///modules/site-apt/${fqdn}/03clean_vserver", + "puppet:///modules/site-apt/03clean_vserver", + "puppet:///modules/apt/03clean_vserver" ] } } else { apt_conf { "03clean": - source => ["puppet:///modules/site-apt/${fqdn}/03clean", - "puppet:///modules/site-apt/03clean", - "puppet:///modules/apt/03clean"] + source => [ "puppet:///modules/site-apt/${fqdn}/03clean", + "puppet:///modules/site-apt/03clean", + "puppet:///modules/apt/03clean" ] } } @@ -121,13 +121,9 @@ class apt { # backward compatibility: upgrade from previous versions of this module. file { - ["/etc/apt/apt.conf.d/from_puppet", - "/etc/apt/apt.conf.d/99from_puppet" - ]: + [ "/etc/apt/apt.conf.d/from_puppet", "/etc/apt/apt.conf.d/99from_puppet" ]: ensure => 'absent', - require => [ Apt_conf['02show_upgraded'], - Apt_conf['03clean'], - ], + require => [ Apt_conf['02show_upgraded'], Apt_conf['03clean'] ]; } # watch .d directories and ensure they are present @@ -143,13 +139,12 @@ class apt { 'refresh_apt': command => '/usr/bin/apt-get update && sleep 1', refreshonly => true, - subscribe => [ File['/etc/apt/apt.conf.d'], - Config_file['/etc/apt/sources.list'] ]; + subscribe => [ File['/etc/apt/apt.conf.d'], Config_file['/etc/apt/sources.list'] ]; + 'update_apt': command => '/usr/bin/apt-get update && /usr/bin/apt-get autoclean', refreshonly => true, - require => [ File['/etc/apt/apt.conf.d', - '/etc/apt/preferences'], + require => [ File['/etc/apt/apt.conf.d', '/etc/apt/preferences' ], Config_file['/etc/apt/sources.list'] ], loglevel => info, # Another Semaphor for all packages to reference diff --git a/manifests/preferences.pp b/manifests/preferences.pp index 4acfdaf..4c93542 100644 --- a/manifests/preferences.pp +++ b/manifests/preferences.pp @@ -3,7 +3,7 @@ class apt::preferences { include common::moduledir $apt_preferences_dir = "${common::moduledir::module_dir_path}/apt/preferences" module_dir{'apt/preferences': } - file{"${apt_preferences_dir}_header": + file { "${apt_preferences_dir}_header": content => $custom_preferences ? { '' => $operatingsystem ? { 'debian' => template("apt/${operatingsystem}/preferences_${codename}.erb"), @@ -13,7 +13,7 @@ class apt::preferences { }, } - concatenated_file{'/etc/apt/preferences': + concatenated_file { '/etc/apt/preferences': dir => $apt_preferences_dir, header => "${apt_preferences_dir}_header", # use Concatenated_file[apt_config] to reference a completed configuration diff --git a/manifests/preferences/absent.pp b/manifests/preferences/absent.pp index d8b2e10..0e96119 100644 --- a/manifests/preferences/absent.pp +++ b/manifests/preferences/absent.pp @@ -1,5 +1,6 @@ class apt::preferences::absent { - file {'/etc/apt/preferences': + + file { '/etc/apt/preferences': ensure => absent, } } diff --git a/manifests/preferences_snippet.pp b/manifests/preferences_snippet.pp index fd2956d..4b8e575 100644 --- a/manifests/preferences_snippet.pp +++ b/manifests/preferences_snippet.pp @@ -2,8 +2,9 @@ define apt::preferences_snippet( $ensure = 'present', $source = '', $release, - $priority -){ + $priority ) +{ + if $custom_preferences == false { fail("Trying to define a preferences_snippet with \$custom_preferences set to false.") } diff --git a/manifests/preseeded_package.pp b/manifests/preseeded_package.pp index 76c432e..8f3bcbd 100644 --- a/manifests/preseeded_package.pp +++ b/manifests/preseeded_package.pp @@ -5,7 +5,7 @@ define apt::preseeded_package ($content = "", $ensure = "installed") { default => $content } - file{ $seedfile: + file { $seedfile: content => $real_content, mode => 0600, owner => root, group => root, } diff --git a/manifests/sources_list.pp b/manifests/sources_list.pp index bbf887a..ff8f21a 100644 --- a/manifests/sources_list.pp +++ b/manifests/sources_list.pp @@ -1,8 +1,9 @@ define apt::sources_list ( $ensure = 'present', $source = '', - $content = undef -) { + $content = undef ) +{ + if $source == '' and $content == undef { fail("One of \$source or \$content must be specified for apt_sources_snippet ${name}") } diff --git a/manifests/unattended_upgrades.pp b/manifests/unattended_upgrades.pp index f52448d..e2992f8 100644 --- a/manifests/unattended_upgrades.pp +++ b/manifests/unattended_upgrades.pp @@ -1,5 +1,6 @@ class apt::unattended_upgrades { - package{'unattended-upgrades': + + package { 'unattended-upgrades': ensure => present, require => undef, } diff --git a/manifests/upgrade_package.pp b/manifests/upgrade_package.pp index 41d5d52..99e9c2a 100644 --- a/manifests/upgrade_package.pp +++ b/manifests/upgrade_package.pp @@ -1,4 +1,5 @@ define apt::upgrade_package ($version = "") { + case $version { '': { exec { "aptitude -y install $name": -- cgit v1.2.3 From 7e1a187f243d64073f660ba8928896e7a1d81db3 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Dec 2010 13:39:54 -0500 Subject: README update: clarify the site-apt preferences options The README described a few things that were not true relating to the apt/preferences file. First of all it said you could ship a 'file', but preferences.pp very clearly uses the 'content => $custom_preferences' parameter, which will not take file sources, only templates. Secondly, it seemed to imply that you could just drop the custom preferences into your site-apt and it would work. But you actually need to set the $custom_preferences to indicate the content source. Lastly, it said that you could specify a host-specific file in the site-apt module, but there is no facility for this (nor can you use files). Perhaps this is where this module is going eventually, once we have a preferences.d possibility? Until then, it makes more sense to have it reflect the current situation. --- README | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/README b/README index 8118d3c..97a398b 100644 --- a/README +++ b/README @@ -75,15 +75,9 @@ installation will not accidentally pull in packages from those suites unless you explicitly specify the version number. This file will be complemented with all of the preferences_snippet calls (see below). -If the default preferences template doesn't suit your needs, you can -create a file named 'preferences' in a site-apt module's files -directory. You can also create a host-specific file: - - site-apt - - files/ - - server.domain.com/ - - preferences - preferences +If the default preferences template doesn't suit your needs, you can create a +template located in your site-apt module, and set $custom_preferences with the +location (eg. $custom_preferences = "puppet:///modules/site-apt/preferences") Setting this variable to false before including this class will force the apt/preferences file to be absent: -- cgit v1.2.3 From b59bdb0a89bad0a83bda141aa19213b760e6896c Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Dec 2010 13:44:30 -0500 Subject: README update: clarify that the debian-archive-keyring is managed already Just so people are clear that they do not need to specify a $custom_key_dir to manage the debian archive keyring, I've added some clarifying text so you know that this is not necessary --- README | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README b/README index 97a398b..b448859 100644 --- a/README +++ b/README @@ -92,6 +92,9 @@ apt keyring, you can set this variable to a path in your fileserver where individual key files can be placed. If this is set and keys exist there, this module will 'apt-key add' each key. +The debian-archive-keyring package is installed and kept current up to the +latest revision (this includes the backports archive keyring). + $apt_proxy / $apt_proxy_port ---------------------------- -- cgit v1.2.3 From 1c1ed0e352c69296ac2681246de24875572cd534 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Dec 2010 13:53:01 -0500 Subject: README update: minor typo fix --- README | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README b/README index b448859..406266a 100644 --- a/README +++ b/README @@ -159,7 +159,7 @@ apt --- The apt class sets up most of the documented functionality. To use -functionality that is not enabled by default, you must inlucde one of +functionality that is not enabled by default, you must include one of the following classes. apt::cron::download -- cgit v1.2.3 From ef2ebdffd25937e841be079d3aa256570ac33196 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Dec 2010 22:59:58 -0500 Subject: switch to archive name for lenny default preferences the templates/Debian/preferences_lenny.erb file checked in with e2f80db7b76171e5945127e2fd42fb35043990fb contains pinning based on codename, which is not supported in lenny (see #433624 - if you look at the version graph, you see, "Fixed in version 0.7.21", and lenny has 0.7.20.2+lenny1.) --- templates/Debian/preferences_lenny.erb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/templates/Debian/preferences_lenny.erb b/templates/Debian/preferences_lenny.erb index 3de7959..be8ecd8 100644 --- a/templates/Debian/preferences_lenny.erb +++ b/templates/Debian/preferences_lenny.erb @@ -1,6 +1,6 @@ Explanation: Debian <%= codename %> Package: * -Pin: release o=Debian,n=<%= codename %> +Pin: release o=Debian,a=<%= release %> Pin-Priority: 990 Explanation: Debian backports @@ -8,14 +8,14 @@ Package: * Pin: origin backports.debian.org Pin-Priority: 200 -Explanation: Debian <%= next_codename %> +Explanation: Debian <%= next_release %> Package: * -Pin: release o=Debian,n=<%= next_codename %> +Pin: release o=Debian,a=<%= next_release %> Pin-Priority: 2 Explanation: Debian sid Package: * -Pin: release o=Debian,n=sid +Pin: release o=Debian,a=unstable Pin-Priority: 1 Explanation: Debian fallback -- cgit v1.2.3 From dd0552dce13f123dc05c5600232216f905c70f7b Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Dec 2010 23:03:15 -0500 Subject: update apt::preseeded_package template sources to use $lsbdistcodename instead of $debian_release, also expand it to allow for site-apt sources --- README | 8 ++++---- manifests/preseeded_package.pp | 4 +++- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/README b/README index 406266a..7abb1ea 100644 --- a/README +++ b/README @@ -226,10 +226,10 @@ apt::preseeded_package ---------------------- This simplifies installation of packages for which you wish to preseed the -answers to debconf. For example, if you wish to provide a preseed file -for the locales package, you would place the locales.seed file in -'templates/$debian_version/locales.seeds' and then include the following -in your manifest: +answers to debconf. For example, if you wish to provide a preseed file for the +locales package, you would place the locales.seed file in +'site-apt/templates/$lsbdistcodename/locales.seeds' and then include the +following in your manifest: apt::preseeded_package { locales: } diff --git a/manifests/preseeded_package.pp b/manifests/preseeded_package.pp index 8f3bcbd..74aafa5 100644 --- a/manifests/preseeded_package.pp +++ b/manifests/preseeded_package.pp @@ -1,7 +1,9 @@ define apt::preseeded_package ($content = "", $ensure = "installed") { $seedfile = "/var/cache/local/preseeding/$name.seeds" $real_content = $content ? { - "" => template ( "$name.seeds", "$debian_version/$name.seeds" ), + "" => template ( "site-apt/$name.seeds", + "site-apt/$lsbdistcodename/$name.seeds", + "$name.seeds", "$lsbdistcodename/$name.seeds" ), default => $content } -- cgit v1.2.3 From ee21742cf8f59d6bf0f8f70d44d30b44556dde3d Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Dec 2010 23:06:11 -0500 Subject: change the name of the custom_keys exec to be "custom_keys" instead of using the alias metaparameter. the reason for this change was because the Exec override was not able to find the exec through its alias --- manifests/init.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 4ca2b2e..daada63 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -167,8 +167,8 @@ class apt { recurse => true, mode => 0755, owner => root, group => root, } - exec { "find ${apt_base_dir}/keys.d -type f -exec apt-key add '{}' \\; && apt-get update": - alias => "custom_keys", + exec { "custom_keys": + command => "find ${apt_base_dir}/keys.d -type f -exec apt-key add '{}' \\; && apt-get update", subscribe => File["${apt_base_dir}/keys.d"], refreshonly => true, } -- cgit v1.2.3 From 36c4873f87af74ba1ab9f780db2992c788ef925f Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Dec 2010 23:57:25 -0500 Subject: multiple sources for templates are not allowed (see #1818), so revert it to a single source referenced by the README, and clarify the README to indicate how you can pass the preseed contents directly --- README | 8 ++++---- manifests/preseeded_package.pp | 4 +--- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/README b/README index 7abb1ea..109c92a 100644 --- a/README +++ b/README @@ -233,11 +233,11 @@ following in your manifest: apt::preseeded_package { locales: } -You can also specify 'content' to define this file via a template. Here's an -example for preseeding installation of the 'mysql' package with a template: +You can also specify the content of the seed via the content parameter, +for example: - apt::preseeded_package { "mysql": - content => template("site-apt/mysql.seed.erb"), + apt::preseeded_package { "apticron": + content => "apticron apticron/notification string root@example.com", } apt::sources_list diff --git a/manifests/preseeded_package.pp b/manifests/preseeded_package.pp index 74aafa5..42c6200 100644 --- a/manifests/preseeded_package.pp +++ b/manifests/preseeded_package.pp @@ -1,9 +1,7 @@ define apt::preseeded_package ($content = "", $ensure = "installed") { $seedfile = "/var/cache/local/preseeding/$name.seeds" $real_content = $content ? { - "" => template ( "site-apt/$name.seeds", - "site-apt/$lsbdistcodename/$name.seeds", - "$name.seeds", "$lsbdistcodename/$name.seeds" ), + "" => template ( "site-apt/$lsbdistcodename/$name.seeds" ) default => $content } -- cgit v1.2.3 From 72bb7b5ccb42bc9e32d191eb55e2fd8831abff68 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 8 Dec 2010 00:02:15 -0500 Subject: fix typo --- manifests/preseeded_package.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/preseeded_package.pp b/manifests/preseeded_package.pp index 42c6200..839f200 100644 --- a/manifests/preseeded_package.pp +++ b/manifests/preseeded_package.pp @@ -1,7 +1,7 @@ define apt::preseeded_package ($content = "", $ensure = "installed") { $seedfile = "/var/cache/local/preseeding/$name.seeds" $real_content = $content ? { - "" => template ( "site-apt/$lsbdistcodename/$name.seeds" ) + "" => template ( "site-apt/$lsbdistcodename/$name.seeds" ), default => $content } -- cgit v1.2.3 From d9ccf2a99b4af1430ba6fecdecde9737d89fa674 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 8 Dec 2010 09:57:02 -0500 Subject: provide an "03clean" alias for the 03clean_vserver to satisfy dependencies --- manifests/init.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index daada63..2d46ad4 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -97,7 +97,8 @@ class apt { apt_conf { "03clean_vserver": source => [ "puppet:///modules/site-apt/${fqdn}/03clean_vserver", "puppet:///modules/site-apt/03clean_vserver", - "puppet:///modules/apt/03clean_vserver" ] + "puppet:///modules/apt/03clean_vserver" ], + alias => "03clean"; } } else { -- cgit v1.2.3 From fbb291ed19eeb9a64d4aed78c48d221315da7866 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 8 Dec 2010 22:24:24 -0500 Subject: add apticron support. Why apticron, when we have cron-apt already? Some people have different preferences, we use apticron along with the upgrade_package functionality in this module. I know someone who uses cron-apt to run the upgrades, but apticron for notifications, because apticron's notifications are much nicer (cron-apt just gives you the output of apt-get upgrade) --- README | 18 +++++++++ manifests/apticron.pp | 54 +++++++++++++++++++++++++ templates/Debian/apticron_lenny.erb | 46 +++++++++++++++++++++ templates/Debian/apticron_squeeze.erb | 75 +++++++++++++++++++++++++++++++++++ 4 files changed, 193 insertions(+) create mode 100644 manifests/apticron.pp create mode 100644 templates/Debian/apticron_lenny.erb create mode 100644 templates/Debian/apticron_squeeze.erb diff --git a/README b/README index 109c92a..355379b 100644 --- a/README +++ b/README @@ -162,6 +162,24 @@ The apt class sets up most of the documented functionality. To use functionality that is not enabled by default, you must include one of the following classes. +apt::apticron +------------- + +When you include this class, apticron will be installed, with the following +defaults, which you are free to change before you include the class: + + $apticron_ensure_version = "present" + $apticron_email = "root" + $apticron_config = "apt/${operatingsystem}/apticron_${lsbrelease}.erb" + $apticron_diff_only = "1" + $apticron_listchanges_profile = "apticron" + $apticron_system = false + $apticron_ipaddressnum = false + $apticron_ipaddresses = false + $apticron_notifyholds = "0" + $apticron_notifynew = "0" + $apticron_customsubject = "" + apt::cron::download ------------------- diff --git a/manifests/apticron.pp b/manifests/apticron.pp new file mode 100644 index 0000000..7f834a5 --- /dev/null +++ b/manifests/apticron.pp @@ -0,0 +1,54 @@ +class apt::apticron { + + case $apticron_ensure_version { + '': { $apticron_ensure_version = "present" } + } + + case $apticron_config { + '': { $apticron_config = "apt/${operatingsystem}/apticron_${lsbrelease}.erb" } + } + + case $apticron_email { + '': { $apticron_email = "root" } + } + + case $apticron_diff_only { + '': { $apticron_diff_only = "1" } + } + + case $apticron_listchanges_profile { + '': { $apticron_listchanges_profile = "apticron" } + } + + case $apticron_system { + '': { $apticron_system = false } + } + + case $apticron_ipaddressnum { + '': { $apticron_ipaddressnum = false } + } + + case $apticron_ipaddresses { + '': { $apticron_ipaddresses = false } + } + + case $apticron_notifyholds { + '': { $apticron_notifyholds = "0" } + } + + case $apticron_notifynew { + '': { $apticron_notifynew = "0" } + } + + case $apticron_customsubject { + '': { $apticron_customsubject = "" } + } + + package { apticron: ensure => $apticron_ensure_version } + + file { "/etc/apticron/apticron.conf": + content => template($apticron_config), + mode => 0644, owner => root, group => root, + require => Package["apticron"]; + } +} diff --git a/templates/Debian/apticron_lenny.erb b/templates/Debian/apticron_lenny.erb new file mode 100644 index 0000000..9505633 --- /dev/null +++ b/templates/Debian/apticron_lenny.erb @@ -0,0 +1,46 @@ +# apticron.conf +# +# set EMAIL to a list of addresses which will be notified of impending updates +# +EMAIL="<%= apticron_email %>" + +# +# Set DIFF_ONLY to "1" to only output the difference of the current run +# compared to the last run (ie. only new upgrades since the last run). If there +# are no differences, no output/email will be generated. By default, apticron +# will output everything that needs to be upgraded. +# +DIFF_ONLY="<%= apticron_diff_only %>" + +# +# Set LISTCHANGES_PROFILE if you would like apticron to invoke apt-listchanges +# with the --profile option. You should add a corresponding profile to +# /etc/apt/listchanges.conf +# +LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" + +# +# Set SYSTEM if you would like apticron to use something other than the output +# of "hostname -f" for the system name in the mails it generates +# +# SYSTEM="foobar.example.com" +<%- if has_variable?(apticron_system) and instance_variable_get("@#{apticron_system}").to_s != "false" -%> +<%= 'SYSTEM="' + instance_variable_get("@#{apticron_system}").to_s + '"' %> + +# +# Set IPADDRESSNUM if you would like to configure the maximal number of IP +# addresses apticron displays. The default is to display 1 address of each +# family type (inet, inet6), if available. +# +# IPADDRESSNUM="1" +<%- if has_variable?(apticron_ipaddressnum) and instance_variable_get("@#{apticron_ipaddressnum}").to_s != "false" -%> +<%= 'IPADDRESSNUM="' + instance_variable_get("@#{apticron_ipaddressnum}").to_s + '"' %> + +# +# Set IPADDRESSES to a whitespace seperated list of reachable addresses for +# this system. By default, apticron will try to work these out using the +# "ip" command +# +# IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1" +<%- if has_variable?(apticron_ipaddresses) and instance_variable_get("@#{apticron_ipaddresses}").to_s != "false" -%> +<%= 'IPADDRESSES="' + instance_variable_get("@#{apticron_ipaddresses}").to_s + '"' %> diff --git a/templates/Debian/apticron_squeeze.erb b/templates/Debian/apticron_squeeze.erb new file mode 100644 index 0000000..274f14d --- /dev/null +++ b/templates/Debian/apticron_squeeze.erb @@ -0,0 +1,75 @@ +# apticron.conf +# +# set EMAIL to a space separated list of addresses which will be notified of +# impending updates +# +EMAIL="<%= apticron_email %>" + +# +# Set DIFF_ONLY to "1" to only output the difference of the current run +# compared to the last run (ie. only new upgrades since the last run). If there +# are no differences, no output/email will be generated. By default, apticron +# will output everything that needs to be upgraded. +# +DIFF_ONLY="<%= apticron_diff_only %>" + +# +# Set LISTCHANGES_PROFILE if you would like apticron to invoke apt-listchanges +# with the --profile option. You should add a corresponding profile to +# /etc/apt/listchanges.conf +# +LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" + +# +# Set SYSTEM if you would like apticron to use something other than the output +# of "hostname -f" for the system name in the mails it generates +# +# SYSTEM="foobar.example.com" +<%- if has_variable?(apticron_system) and instance_variable_get("@#{apticron_system}").to_s != "false" -%> +<%= 'SYSTEM="' + instance_variable_get("@#{apticron_system}").to_s + '"' %> + +# +# Set IPADDRESSNUM if you would like to configure the maximal number of IP +# addresses apticron displays. The default is to display 1 address of each +# family type (inet, inet6), if available. +# +# IPADDRESSNUM="1" +<%- if has_variable?(apticron_ipaddressnum) and instance_variable_get("@#{apticron_ipaddressnum}").to_s != "false" -%> +<%= 'IPADDRESSNUM="' + instance_variable_get("@#{apticron_ipaddressnum}").to_s + '"' %> + +# +# Set IPADDRESSES to a whitespace separated list of reachable addresses for +# this system. By default, apticron will try to work these out using the +# "ip" command +# +# IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1" +<%- if has_variable?(apticron_ipaddresses) and instance_variable_get("@#{apticron_ipaddresses}").to_s != "false" -%> +<%= 'IPADDRESSES="' + instance_variable_get("@#{apticron_ipaddresses}").to_s + '"' %> + +# +# Set NOTIFY_HOLDS="0" if you don't want to be notified about new versions of +# packages on hold in your system. The default behavior is downloading and +# listing them as any other package. +# +# NOTIFY_HOLDS="0" +NOTIFY_HOLDS="<%= apticron_notifyholds %>" + +# +# Set NOTIFY_NEW="0" if you don't want to be notified about packages which +# are not installed in your system. Yes, it's possible! There are some issues +# related to systems which have mixed stable/unstable sources. In these cases +# apt-get will consider for example that packages with "Priority: +# required"/"Essential: yes" in unstable but not in stable should be installed, +# so they will be listed in dist-upgrade output. Please take a look at +# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531002#44 +# +# NOTIFY_NEW="0" +NOTIFY_NEW="<%= apticron_notifynew %>" + +# +# Set CUSTOM_SUBJECT if you want to replace the default subject used in +# the notification e-mails. This may help filtering/sorting client-side e-mail. +# +# CUSTOM_SUBJECT="" +CUSTOM_SUBJECT="<%= apticron_customsubject %>" + -- cgit v1.2.3 From 13bf7d0623fceb3b97cc90f0a9a9dcd8afdb03e8 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 8 Dec 2010 22:25:09 -0500 Subject: add apt-listchanges support. this is a nice compliment to using the upgrade_package functionality, because you get an email when the package has been upgraded. --- README | 13 +++++++++++ manifests/listchanges.pp | 38 ++++++++++++++++++++++++++++++++ templates/Debian/listchanges_lenny.erb | 7 ++++++ templates/Debian/listchanges_squeeze.erb | 1 + 4 files changed, 59 insertions(+) create mode 100644 manifests/listchanges.pp create mode 100644 templates/Debian/listchanges_lenny.erb create mode 120000 templates/Debian/listchanges_squeeze.erb diff --git a/README b/README index 355379b..f171e8c 100644 --- a/README +++ b/README @@ -198,6 +198,19 @@ apt::dselect This class, when included, installs dselect and switches it to expert mode to suppress superfluous help screens. +apt::listchanges + +This class, when included, installs apt-listchanges and configures it using the +following variables, the defaults are below: + + $listchanges_version = "present" + $listchanges_config = "apt/${operatingsystem}/listchanges_${lsbrelease}.erb" + $listchanges_frontend = "pager" + $listchanges_email = "root" + $listchanges_confirm = "0" + $listchanges_saveseen = "/var/lib/apt/listchanges.db" + $listchanges_which = "both" + apt::proxy_client ----------------- diff --git a/manifests/listchanges.pp b/manifests/listchanges.pp new file mode 100644 index 0000000..3b886bf --- /dev/null +++ b/manifests/listchanges.pp @@ -0,0 +1,38 @@ +class apt::listchanges { + + case $listchanges_version { + '': { $listchanges_version = "present" } + } + + case $listchanges_config { + '': { $listchanges_config = "apt/${operatingsystem}/listchanges_${lsbrelease}.erb" } + } + + case $listchanges_frontend { + '' { $listchanges_frontend = "pager" } + } + + case $listchanges_email { + '': { $listchanges_email = "root" } + } + + case $listchanges_confirm { + '': { $listchanges_confirm = "0" } + } + + case $listchanges_saveseen { + '': { $listchanges_saveseen = "/var/lib/apt/listchanges.db" } + } + + case $listchanges_which { + '': { $listchanges_which = "both" } + } + + package { apt-listchanges: ensure => $listchanges_ensure_version } + + file { "/etc/apt/listchanges.conf": + content => template($listchanges_config), + mode => 0644, owner => root, group => root, + require => Package["apt-listchanges"]; + } +} diff --git a/templates/Debian/listchanges_lenny.erb b/templates/Debian/listchanges_lenny.erb new file mode 100644 index 0000000..fec3b68 --- /dev/null +++ b/templates/Debian/listchanges_lenny.erb @@ -0,0 +1,7 @@ +[apt] +frontend=<%= listchanges_frontend %> +email_address=<%= listchanges_email %> +confirm=<%= listchanges_confirm %> +save_seen=<%= listchanges_saveseen %> +which=<%= listchanges_which %> + diff --git a/templates/Debian/listchanges_squeeze.erb b/templates/Debian/listchanges_squeeze.erb new file mode 120000 index 0000000..74ab496 --- /dev/null +++ b/templates/Debian/listchanges_squeeze.erb @@ -0,0 +1 @@ +listchanges_lenny.erb \ No newline at end of file -- cgit v1.2.3 From 8944374bf2f6e286db3996f7c7cb0c9eac3d90f4 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 8 Dec 2010 22:27:13 -0500 Subject: fix confusion over lsbrelease / lsbdistcodename --- manifests/apticron.pp | 2 +- manifests/listchanges.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/apticron.pp b/manifests/apticron.pp index 7f834a5..2fe8e44 100644 --- a/manifests/apticron.pp +++ b/manifests/apticron.pp @@ -5,7 +5,7 @@ class apt::apticron { } case $apticron_config { - '': { $apticron_config = "apt/${operatingsystem}/apticron_${lsbrelease}.erb" } + '': { $apticron_config = "apt/${operatingsystem}/apticron_${lsbdistcodename}.erb" } } case $apticron_email { diff --git a/manifests/listchanges.pp b/manifests/listchanges.pp index 3b886bf..367f966 100644 --- a/manifests/listchanges.pp +++ b/manifests/listchanges.pp @@ -5,7 +5,7 @@ class apt::listchanges { } case $listchanges_config { - '': { $listchanges_config = "apt/${operatingsystem}/listchanges_${lsbrelease}.erb" } + '': { $listchanges_config = "apt/${operatingsystem}/listchanges_${lsbdistcodename}.erb" } } case $listchanges_frontend { -- cgit v1.2.3 From d32573ae838043978026512858d7e09c357d5166 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 8 Dec 2010 22:29:45 -0500 Subject: fix template missing <%- end -%> --- templates/Debian/apticron_lenny.erb | 3 +++ templates/Debian/apticron_squeeze.erb | 3 +++ 2 files changed, 6 insertions(+) diff --git a/templates/Debian/apticron_lenny.erb b/templates/Debian/apticron_lenny.erb index 9505633..e484700 100644 --- a/templates/Debian/apticron_lenny.erb +++ b/templates/Debian/apticron_lenny.erb @@ -26,6 +26,7 @@ LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" # SYSTEM="foobar.example.com" <%- if has_variable?(apticron_system) and instance_variable_get("@#{apticron_system}").to_s != "false" -%> <%= 'SYSTEM="' + instance_variable_get("@#{apticron_system}").to_s + '"' %> +<%- end -%> # # Set IPADDRESSNUM if you would like to configure the maximal number of IP @@ -35,6 +36,7 @@ LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" # IPADDRESSNUM="1" <%- if has_variable?(apticron_ipaddressnum) and instance_variable_get("@#{apticron_ipaddressnum}").to_s != "false" -%> <%= 'IPADDRESSNUM="' + instance_variable_get("@#{apticron_ipaddressnum}").to_s + '"' %> +<%- end -%> # # Set IPADDRESSES to a whitespace seperated list of reachable addresses for @@ -44,3 +46,4 @@ LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" # IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1" <%- if has_variable?(apticron_ipaddresses) and instance_variable_get("@#{apticron_ipaddresses}").to_s != "false" -%> <%= 'IPADDRESSES="' + instance_variable_get("@#{apticron_ipaddresses}").to_s + '"' %> +<%- end -%> \ No newline at end of file diff --git a/templates/Debian/apticron_squeeze.erb b/templates/Debian/apticron_squeeze.erb index 274f14d..3b8c9fd 100644 --- a/templates/Debian/apticron_squeeze.erb +++ b/templates/Debian/apticron_squeeze.erb @@ -27,6 +27,7 @@ LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" # SYSTEM="foobar.example.com" <%- if has_variable?(apticron_system) and instance_variable_get("@#{apticron_system}").to_s != "false" -%> <%= 'SYSTEM="' + instance_variable_get("@#{apticron_system}").to_s + '"' %> +<%- end %> # # Set IPADDRESSNUM if you would like to configure the maximal number of IP @@ -36,6 +37,7 @@ LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" # IPADDRESSNUM="1" <%- if has_variable?(apticron_ipaddressnum) and instance_variable_get("@#{apticron_ipaddressnum}").to_s != "false" -%> <%= 'IPADDRESSNUM="' + instance_variable_get("@#{apticron_ipaddressnum}").to_s + '"' %> +<%- end -%> # # Set IPADDRESSES to a whitespace separated list of reachable addresses for @@ -45,6 +47,7 @@ LISTCHANGES_PROFILE="<%= apticron_listchanges_profile %>" # IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1" <%- if has_variable?(apticron_ipaddresses) and instance_variable_get("@#{apticron_ipaddresses}").to_s != "false" -%> <%= 'IPADDRESSES="' + instance_variable_get("@#{apticron_ipaddresses}").to_s + '"' %> +<%- end -%> # # Set NOTIFY_HOLDS="0" if you don't want to be notified about new versions of -- cgit v1.2.3 From d61a64b3942fa5f8ecd24af178a35633bace8f21 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 8 Dec 2010 22:32:00 -0500 Subject: fix syntax error --- manifests/listchanges.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/listchanges.pp b/manifests/listchanges.pp index 367f966..964a75d 100644 --- a/manifests/listchanges.pp +++ b/manifests/listchanges.pp @@ -9,7 +9,7 @@ class apt::listchanges { } case $listchanges_frontend { - '' { $listchanges_frontend = "pager" } + '': { $listchanges_frontend = "pager" } } case $listchanges_email { -- cgit v1.2.3 From c67abe8d167ddc3435c444a44206243e983efea0 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 9 Dec 2010 09:48:38 -0500 Subject: fix compile syntax error in ubuntu sources.list, closes #2639 --- templates/Ubuntu/sources.list.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/Ubuntu/sources.list.erb b/templates/Ubuntu/sources.list.erb index 81650a2..b5725f5 100644 --- a/templates/Ubuntu/sources.list.erb +++ b/templates/Ubuntu/sources.list.erb @@ -22,5 +22,5 @@ deb-src <%= ubuntu_url %> <%= lsbdistcodename %>-security <%= repos %> # backports deb <%= ubuntu_url %> <%= lsbdistcodename %>-backports main <%= repos %> <% if include_src then -%> -deb-src <%= ubuntu_url %> <%= lsbdistcodename %>-backports <%= repos > +deb-src <%= ubuntu_url %> <%= lsbdistcodename %>-backports <%= repos %> <% end -%> -- cgit v1.2.3 From ab3a5294cf0ea0cf2ad233e04bf13f7631f9454c Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 9 Dec 2010 09:51:00 -0500 Subject: removed bit from README that is no longer true --- README | 4 ---- 1 file changed, 4 deletions(-) diff --git a/README b/README index f171e8c..7c747a1 100644 --- a/README +++ b/README @@ -325,10 +325,6 @@ Package { require => Exec[apt_updated] } TODO ==== -Currently this module updates the caches on every run. Running apt-get update is -an expensive operation and should be done only on schedule by using -apticron or cron-apt. - Sometimes -- especially when initially starting management or deploying new packages -- a immediate update is really needed to be able to install the right packages without errors. Thus a method should be devised to be able to specify -- cgit v1.2.3