From 886245f2cb7614a8c749d34e6f08ee17b92c970f Mon Sep 17 00:00:00 2001
From: Daniele Sluijters <daenney@users.noreply.github.com>
Date: Tue, 14 Apr 2015 17:25:40 +0200
Subject: Initial commit (this is not finished).

---
 templates/periodic.erb            | 47 ++++++++++++++++++++++++++++++
 templates/unattended-upgrades.erb | 60 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 107 insertions(+)
 create mode 100644 templates/periodic.erb
 create mode 100644 templates/unattended-upgrades.erb

(limited to 'templates')

diff --git a/templates/periodic.erb b/templates/periodic.erb
new file mode 100644
index 0000000..8a581e0
--- /dev/null
+++ b/templates/periodic.erb
@@ -0,0 +1,47 @@
+APT::Periodic::Enable "<%= @enable %>";
+#  - Enable the update/upgrade script (0=disable)
+#
+APT::Periodic::BackupArchiveInterval "<%= @_backup['archive_interval'] %>";
+#  - Backup after n-days if archive contents changed.(0=disable)
+#
+APT::Periodic::BackupLevel "<%= @_backup['level'] %>";
+#  - Backup level.(0=disable), 1 is invalid.
+#
+APT::Periodic::MaxAge "<%= @_age['max'] %>";
+#  - Set maximum allowed age of a cache package file. If a cache
+#    package file is older it is deleted (0=disable)
+#
+APT::Periodic::MinAge "<%= @_age['min'] %>";
+#  - Set minimum age of a package file. If a file is younger it
+#    will not be deleted (0=disable). Usefull to prevent races
+#    and to keep backups of the packages for emergency.
+#
+APT::Periodic::MaxSize "<%= @_size['max'] %>";
+#  - Set maximum size of the cache in MB (0=disable). If the cache
+#    is bigger, cached package files are deleted until the size
+#    requirement is met (the biggest packages will be deleted
+#    first).
+#
+APT::Periodic::Update-Package-Lists "<%= @update %>";
+#  - Do "apt-get update" automatically every n-days (0=disable)
+#
+APT::Periodic::Download-Upgradeable-Packages "<%= @_upgradeable_packages['downlaod_only'] %>";
+#  - Do "apt-get upgrade --download-only" every n-days (0=disable)
+#
+#  APT::Periodic::Download-Upgradeable-Packages-Debdelta "<%= @_upgradeable_packages['debdelta'] %>";
+#  - Use debdelta-upgrade to download updates if available (0=disable)
+APT::Periodic::Unattended-Upgrade "<%= @upgrade %>";
+#  - Run the "unattended-upgrade" security upgrade script
+#    every n-days (0=disabled)
+#    Requires the package "unattended-upgrades" and will write
+#    a log in /var/log/unattended-upgrades
+#
+APT::Periodic::AutocleanInterval "<%= @_auto['clean'] %>";
+#  - Do "apt-get autoclean" every n-days (0=disable)
+#
+APT::Periodic::Verbose "<%= @verbose %>";
+#  - Send report mail to root
+#      0:  no report             (or null string)
+#      1:  progress report       (actually any string)
+#      2:  + command outputs     (remove -qq, remove 2>/dev/null, add -d)
+#      3:  + trace on
diff --git a/templates/unattended-upgrades.erb b/templates/unattended-upgrades.erb
new file mode 100644
index 0000000..5007193
--- /dev/null
+++ b/templates/unattended-upgrades.erb
@@ -0,0 +1,60 @@
+// Automatically upgrade packages from these (origin:archive) pairs
+<%- if @legacy_origin -%>
+Unattended-Upgrade::Allowed-Origins {
+<%- else -%>
+Unattended-Upgrade::Origins-Pattern {
+<%- end -%>
+<% @origins.each do |origin| -%>
+	"<%= origin %>";
+<% end -%>
+};
+
+// List of packages to not update
+Unattended-Upgrade::Package-Blacklist {
+<% @blacklist.each do |package| -%>
+	"<%= package %>";
+<% end -%>
+};
+
+// This option allows you to control if on a unclean dpkg exit
+// unattended-upgrades will automatically run
+//   dpkg --force-confold --configure -a
+// The default is true, to ensure updates keep getting installed
+Unattended-Upgrade::AutoFixInterruptedDpkg "<%= @_auto['fix_interrupted_dpkg'].to_s %>";
+
+// Split the upgrade into the smallest possible chunks so that
+// they can be interrupted with SIGUSR1. This makes the upgrade
+// a bit slower but it has the benefit that shutdown while a upgrade
+// is running is possible (with a small delay)
+Unattended-Upgrade::MinimalSteps "<%= @minimal_steps.to_s %>";
+
+// Install all unattended-upgrades when the machine is shuting down
+// instead of doing it in the background while the machine is running
+// This will (obviously) make shutdown slower
+Unattended-Upgrade::InstallOnShutdown "<%= @install_on_shutdown.to_s %>";
+
+<% unless @mail_to.nil? %>
+// Send email to this address for problems or packages upgrades
+// If empty or unset then no email is sent, make sure that you
+// have a working mail setup on your system. A package that provides
+// 'mailx' must be installed.
+Unattended-Upgrade::Mail "<%= @mail_to %>";
+
+// Set this value to "true" to get emails only on errors. Default
+// is to always send a mail if Unattended-Upgrade::Mail is set
+Unattended-Upgrade::MailOnlyOnError "<%= @mail_only_on_error.to_s %>";
+<% end %>
+
+// Do automatic removal of new unused dependencies after the upgrade
+// (equivalent to apt-get autoremove)
+Unattended-Upgrade::Remove-Unused-Dependencies "<%= @_auto['remove'].to_s %>";
+
+// Automatically reboot *WITHOUT CONFIRMATION* if a
+// the file /var/run/reboot-required is found after the upgrade
+Unattended-Upgrade::Automatic-Reboot "<%= @_auto['reboot'].to_s %>";
+
+<% unless @dl_limit.nil? %>
+// Use apt bandwidth limit feature, this example limits the download
+// speed to 70kb/sec
+Acquire::http::Dl-Limit "<%= @dl_limit %>";
+<% end %>
-- 
cgit v1.2.3