From 9192785c452ce2cfa0f58984d3aebdcaf841113a Mon Sep 17 00:00:00 2001 From: Gabriel Filion Date: Sat, 27 Jul 2013 13:38:27 -0400 Subject: make it possible to opt out of MailOnlyOnError This combines all files into one template. It should make maintenance easier. --- files/Debian/50unattended-upgrades | 12 ------------ files/Debian/50unattended-upgrades.squeeze | 14 -------------- files/Ubuntu/50unattended-upgrades | 16 ---------------- manifests/unattended_upgrades.pp | 16 ++++++++++------ templates/50unattended-upgrades.erb | 26 ++++++++++++++++++++++++++ 5 files changed, 36 insertions(+), 48 deletions(-) delete mode 100644 files/Debian/50unattended-upgrades delete mode 100644 files/Debian/50unattended-upgrades.squeeze delete mode 100644 files/Ubuntu/50unattended-upgrades create mode 100644 templates/50unattended-upgrades.erb diff --git a/files/Debian/50unattended-upgrades b/files/Debian/50unattended-upgrades deleted file mode 100644 index 075f680..0000000 --- a/files/Debian/50unattended-upgrades +++ /dev/null @@ -1,12 +0,0 @@ -// this file is managed by puppet ! - -Unattended-Upgrade::Origins-Pattern { - "o=Debian,a=oldstable,l=Debian-Security"; - "o=Debian,a=stable,l=Debian-Security"; -} - -APT::Periodic::Update-Package-Lists "1"; -APT::Periodic::Download-Upgradeable-Packages "1"; -APT::Periodic::Unattended-Upgrade "1"; - -Unattended-Upgrade::Mail "root"; diff --git a/files/Debian/50unattended-upgrades.squeeze b/files/Debian/50unattended-upgrades.squeeze deleted file mode 100644 index 77f715d..0000000 --- a/files/Debian/50unattended-upgrades.squeeze +++ /dev/null @@ -1,14 +0,0 @@ -// this file is managed by puppet ! - -Unattended-Upgrade::Allowed-Origins { -// "${distro-id} oldstable"; -// "${distro_id} ${distro_codename}-backports"; - "${distro_id} ${distro_codename}-security"; - "${distro_id} ${distro_codename}-lts"; -}; - -APT::Periodic::Update-Package-Lists "1"; -APT::Periodic::Download-Upgradeable-Packages "1"; -APT::Periodic::Unattended-Upgrade "1"; - -Unattended-Upgrade::Mail "root"; diff --git a/files/Ubuntu/50unattended-upgrades b/files/Ubuntu/50unattended-upgrades deleted file mode 100644 index 25c7758..0000000 --- a/files/Ubuntu/50unattended-upgrades +++ /dev/null @@ -1,16 +0,0 @@ -// this file is managed by puppet ! - -Unattended-Upgrade::Allowed-Origins { - "${distro_id}:${distro_codename}-security"; - "${distro_id}:${distro_codename}-updates"; - "${distro_id}:${distro_codename}-backports"; - //"${distro_id}:${distro_codename}-proposed"; -}; - - -APT::Periodic::Update-Package-Lists "1"; -APT::Periodic::Download-Upgradeable-Packages "1"; -APT::Periodic::Unattended-Upgrade "1"; - -Unattended-Upgrade::Mail "root"; -Unattended-Upgrade::MailOnlyOnError "true"; diff --git a/manifests/unattended_upgrades.pp b/manifests/unattended_upgrades.pp index 80939e3..b63b483 100644 --- a/manifests/unattended_upgrades.pp +++ b/manifests/unattended_upgrades.pp @@ -1,15 +1,19 @@ -class apt::unattended_upgrades { +class apt::unattended_upgrades ( + $config_content = undef, + $mailonlyonerror = true, +) { package { 'unattended-upgrades': ensure => present } + $file_content = $config_content ? { + undef => template('apt/50unattended-upgrades.erb'), + default => $config_content + } + apt_conf { '50unattended-upgrades': - source => [ - "puppet:///modules/site_apt/${::lsbdistid}/50unattended-upgrades.${::lsbdistcodename}", - "puppet:///modules/site_apt/${::lsbdistid}/50unattended-upgrades", - "puppet:///modules/apt/${::lsbdistid}/50unattended-upgrades.${::lsbdistcodename}", - "puppet:///modules/apt/${::lsbdistid}/50unattended-upgrades" ], + content => $file_content, require => Package['unattended-upgrades'], } } diff --git a/templates/50unattended-upgrades.erb b/templates/50unattended-upgrades.erb new file mode 100644 index 0000000..0ba0d7e --- /dev/null +++ b/templates/50unattended-upgrades.erb @@ -0,0 +1,26 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { +<% if scope.lookupvar('::operatingsystem') == 'Ubuntu' -%> + "${distro_id}:${distro_codename}-security"; + "${distro_id}:${distro_codename}-updates"; + "${distro_id}:${distro_codename}-backports"; +<% else -%> +<% if scope.lookupvar('::lsbdistcodename') == 'squeeze' -%> + "${distro-id} ${distro-codename}-security"; + "${distro-id} ${distro-codename}-lts"; +<% else -%> + # See Debian bug #704087 + "o=Debian,a=oldstable,l=Debian-Security"; + "o=Debian,a=stable,l=Debian-Security"; +<% end -%> +}; + +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::Unattended-Upgrade "1"; + +Unattended-Upgrade::Mail "root"; +<% if mailonlyonerror -%> +Unattended-Upgrade::MailOnlyOnError "true"; +<% end -%> -- cgit v1.2.3