From a7cc68ed9965f665572afd9d279ebf5f3c7043d7 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 6 May 2015 15:52:07 -0400 Subject: add $ensure_version parameter, to allow for overriding which version of unattended-upgrades is installed --- manifests/unattended_upgrades.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'manifests') diff --git a/manifests/unattended_upgrades.pp b/manifests/unattended_upgrades.pp index 9f74bbd..28c6092 100644 --- a/manifests/unattended_upgrades.pp +++ b/manifests/unattended_upgrades.pp @@ -3,10 +3,11 @@ class apt::unattended_upgrades ( $mailonlyonerror = true, $mail_recipient = 'root', $blacklisted_packages = [], + $ensure_version = present ) { package { 'unattended-upgrades': - ensure => present + ensure => $ensure_version } $file_content = $config_content ? { -- cgit v1.2.3 From a4d788d778ad9b517c840c157d0c0119443c6ac9 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 6 May 2015 21:40:35 +0200 Subject: don't call Exec[refresh_apt] after deploying unattended-upgrades config unattended-upgrades is run on a daily base by cron, no need to force an `apt-get update` after changing this file. --- manifests/unattended_upgrades.pp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'manifests') diff --git a/manifests/unattended_upgrades.pp b/manifests/unattended_upgrades.pp index 28c6092..6cb0518 100644 --- a/manifests/unattended_upgrades.pp +++ b/manifests/unattended_upgrades.pp @@ -16,7 +16,8 @@ class apt::unattended_upgrades ( } apt_conf { '50unattended-upgrades': - content => $file_content, - require => Package['unattended-upgrades'], + content => $file_content, + require => Package['unattended-upgrades'], + refresh_apt => false } } -- cgit v1.2.3 From 5ea69cb0390deac15d57aefc361a895a0c9a6e96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= Date: Tue, 9 Jun 2015 11:25:34 -0400 Subject: allow possibility of disabling backports --- manifests/init.pp | 1 + manifests/params.pp | 1 + 2 files changed, 2 insertions(+) (limited to 'manifests') diff --git a/manifests/init.pp b/manifests/init.pp index 68856cc..062be4c 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -7,6 +7,7 @@ class apt( $codename = $apt::params::codename, $use_lts = $apt::params::use_lts, $use_volatile = $apt::params::use_volatile, + $use_backports = $apt::params::use_backports, $include_src = $apt::params::include_src, $use_next_release = $apt::params::use_next_release, $debian_url = $apt::params::debian_url, diff --git a/manifests/params.pp b/manifests/params.pp index f977c27..a1c7392 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -2,6 +2,7 @@ class apt::params () { $codename = $::lsbdistcodename $use_lts = false $use_volatile = false + $use_backports = true $include_src = false $use_next_release = false $debian_url = 'http://httpredir.debian.org/debian/' -- cgit v1.2.3 From 33acc00e5c6d8ab18f2992cccc8ee036b4d7771d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= Date: Thu, 11 Jun 2015 10:07:47 -0400 Subject: add apt::key resource to deploy arbitrary keys the rationale of this is that isn't useful for third party modules, because they cannot inject keys in there without some serious apt class hijacking --- manifests/key.pp | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 manifests/key.pp (limited to 'manifests') diff --git a/manifests/key.pp b/manifests/key.pp new file mode 100644 index 0000000..0ef9721 --- /dev/null +++ b/manifests/key.pp @@ -0,0 +1,13 @@ +define apt::key ($source) { + file { + "${apt::apt_base_dir}/${name}": + source => $source; + "${apt::apt_base_dir}/keys": + ensure => directory; + } + exec { "apt-key add ${apt::apt_base_dir}/${name}": + subscribe => File["${apt::apt_base_dir}/${name}"], + refreshonly => true, + notify => Exec['refresh_apt'], + } +} -- cgit v1.2.3 From 891aa0fbbed87e24322da7d3a80514f1bf94f0ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= Date: Thu, 11 Jun 2015 10:21:56 -0400 Subject: allow for binary keys that can be removed --- manifests/key.pp | 15 +++++---------- manifests/key/plain.pp | 13 +++++++++++++ 2 files changed, 18 insertions(+), 10 deletions(-) create mode 100644 manifests/key/plain.pp (limited to 'manifests') diff --git a/manifests/key.pp b/manifests/key.pp index 0ef9721..3f9660f 100644 --- a/manifests/key.pp +++ b/manifests/key.pp @@ -1,13 +1,8 @@ -define apt::key ($source) { +define apt::key ($ensure => 'present', $source) { file { - "${apt::apt_base_dir}/${name}": - source => $source; - "${apt::apt_base_dir}/keys": - ensure => directory; - } - exec { "apt-key add ${apt::apt_base_dir}/${name}": - subscribe => File["${apt::apt_base_dir}/${name}"], - refreshonly => true, - notify => Exec['refresh_apt'], + "/etc/apt/trusted.gpg.d/$name": + source => $source, + ensure => $ensure, + notify => Exec['refresh_apt'], } } diff --git a/manifests/key/plain.pp b/manifests/key/plain.pp new file mode 100644 index 0000000..a84e6dd --- /dev/null +++ b/manifests/key/plain.pp @@ -0,0 +1,13 @@ +define apt::key::plain ($source) { + file { + "${apt::apt_base_dir}/${name}": + source => $source; + "${apt::apt_base_dir}/keys": + ensure => directory; + } + exec { "apt-key add ${apt::apt_base_dir}/${name}": + subscribe => File["${apt::apt_base_dir}/${name}"], + refreshonly => true, + notify => Exec['refresh_apt'], + } +} -- cgit v1.2.3 From 931076f85488e1b0f57aeaf67357a2443b18ffba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= Date: Thu, 11 Jun 2015 10:32:40 -0400 Subject: fix typo --- manifests/key.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'manifests') diff --git a/manifests/key.pp b/manifests/key.pp index 3f9660f..b396c1e 100644 --- a/manifests/key.pp +++ b/manifests/key.pp @@ -1,4 +1,4 @@ -define apt::key ($ensure => 'present', $source) { +define apt::key ($ensure = 'present', $source) { file { "/etc/apt/trusted.gpg.d/$name": source => $source, -- cgit v1.2.3 From 5564b3fba3d8aebdc3cbcd7441e9c7a216243f46 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= Date: Wed, 26 Aug 2015 23:27:58 -0400 Subject: fix install location of apt::key::plain --- manifests/key/plain.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'manifests') diff --git a/manifests/key/plain.pp b/manifests/key/plain.pp index a84e6dd..a24a51b 100644 --- a/manifests/key/plain.pp +++ b/manifests/key/plain.pp @@ -1,12 +1,12 @@ define apt::key::plain ($source) { file { - "${apt::apt_base_dir}/${name}": + "${apt::apt_base_dir}/keys/${name}": source => $source; "${apt::apt_base_dir}/keys": ensure => directory; } - exec { "apt-key add ${apt::apt_base_dir}/${name}": - subscribe => File["${apt::apt_base_dir}/${name}"], + exec { "apt-key add ${apt::apt_base_dir}/keys/${name}": + subscribe => File["${apt::apt_base_dir}/keys/${name}"], refreshonly => true, notify => Exec['refresh_apt'], } -- cgit v1.2.3 From dc1a19e6cb7f05815f95f90033d212758f59744b Mon Sep 17 00:00:00 2001 From: intrigeri Date: Mon, 31 Aug 2015 09:54:28 +0000 Subject: Linting. --- manifests/key.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'manifests') diff --git a/manifests/key.pp b/manifests/key.pp index b396c1e..7be526e 100644 --- a/manifests/key.pp +++ b/manifests/key.pp @@ -1,8 +1,8 @@ -define apt::key ($ensure = 'present', $source) { +define apt::key ($source, $ensure = 'present') { file { - "/etc/apt/trusted.gpg.d/$name": - source => $source, + "/etc/apt/trusted.gpg.d/${name}": ensure => $ensure, + source => $source, notify => Exec['refresh_apt'], } } -- cgit v1.2.3 From 8745de17d64a6eac0eb9f15c19f990fd80383c1f Mon Sep 17 00:00:00 2001 From: intrigeri Date: Mon, 31 Aug 2015 09:55:17 +0000 Subject: Quote apt-key variable parameter. This is not perfect protection against special chars that the shell may interpret, but should help at least in case $name contains spaces. --- manifests/key/plain.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'manifests') diff --git a/manifests/key/plain.pp b/manifests/key/plain.pp index a24a51b..e4a2f89 100644 --- a/manifests/key/plain.pp +++ b/manifests/key/plain.pp @@ -5,7 +5,7 @@ define apt::key::plain ($source) { "${apt::apt_base_dir}/keys": ensure => directory; } - exec { "apt-key add ${apt::apt_base_dir}/keys/${name}": + exec { "apt-key add '${apt::apt_base_dir}/keys/${name}'": subscribe => File["${apt::apt_base_dir}/keys/${name}"], refreshonly => true, notify => Exec['refresh_apt'], -- cgit v1.2.3 From 5f7232b420e02eaa38c14a7be75034d9b3cdd64b Mon Sep 17 00:00:00 2001 From: intrigeri Date: Mon, 31 Aug 2015 10:00:09 +0000 Subject: Add validation for apt::key's name. It's great to document requirements in README, but error'ing out whenever the user messes up is even better IMO. --- manifests/key.pp | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'manifests') diff --git a/manifests/key.pp b/manifests/key.pp index 7be526e..65b62e9 100644 --- a/manifests/key.pp +++ b/manifests/key.pp @@ -1,4 +1,9 @@ define apt::key ($source, $ensure = 'present') { + validate_re( + $name, '\.gpg$', + 'An apt::key resource name must have the .gpg extension', + ) + file { "/etc/apt/trusted.gpg.d/${name}": ensure => $ensure, -- cgit v1.2.3