summaryrefslogtreecommitdiff
path: root/templates/50unattended-upgrades.erb
blob: 7c65d1027d960a9559708c058797f3df5160e104 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
// this file is managed by puppet !

<% if scope.lookupvar('::operatingsystem') == 'Ubuntu' -%>
Unattended-Upgrade::Allowed-Origins {
  "${distro_id}:${distro_codename}-security";
  "${distro_id}:${distro_codename}-updates";
  "${distro_id}:${distro_codename}-backports";
<% elsif scope.lookupvar('::operatingsystem') == 'Debian' and scope.lookupvar('::debian_codename') == 'squeeze' -%>
Unattended-Upgrade::Allowed-Origins {
  "${distro_id}:<%= scope.lookupvar('::debian_release') %>";
  "${distro_id}:squeeze-lts";
<% elsif scope.lookupvar('::operatingsystem') == 'Debian' and scope.lookupvar('::debian_codename') == 'wheezy' -%>
Unattended-Upgrade::Origins-Pattern {
  "origin=Debian,archive=<%= scope.lookupvar('::debian_release') %>,label=Debian-Security";
  "origin=Debian,archive=${distro_codename}-lts";
<% else -%>
Unattended-Upgrade::Origins-Pattern {
  "origin=Debian,codename=${distro_codename},label=Debian";
  "origin=Debian,codename=${distro_codename},label=Debian-Security";
<% end -%>
};

<% if not @blacklisted_packages.empty?  -%>
Unattended-Upgrade::Package-Blacklist {
<% @blacklisted_packages.each do |pkg| -%>
  "<%= pkg %>";
<% end -%>
};
<% end -%>

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::Unattended-Upgrade "1";

Unattended-Upgrade::Mail "<%= @mail_recipient -%>";
<% if @mailonlyonerror -%>
Unattended-Upgrade::MailOnlyOnError "true";
<% end -%>