blob: 6f569578973af152010af52a2a9f9415f3b779d6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
# unattended\_upgrades
## Overview
The unattended\_upgrades module allows for the installation and configuration of automatic security (and other) updates through apt.
This functionality used to be part of the puppetlabs-apt module but was split off into its own module.
## Module Description
The unattended\_upgrades module automates the configuration of apt package updates.
## Setup
### What unattended\_upgrades affects:
* Package/configuration for unattended\_upgrades
### Beginning with unattended\_upgrades
All you need to do is include the module `include unattended_upgrades`.
## Usage
Using unattended\_upgrades simply consists of including the module and if needed altering some of the default settings.
## Reference
### Classes
* `unattended_upgrades`: Main class, installs the necessary packages and writes the configuration.
### Parameters
#### unattended\_upgrades
* `auto`: A hash of settings with three possible keys:
* `fix_interrupted_dpkg`(`true`): Try to fix package installation state
* `reboot`(`false`): Reboot system after package update installation
* `remove`(`true`): Remove unneeded dependencies after update installation
Any of these keys can be specified and will be merged into the defaults, so if you only want to change the `reboot` behaviour the following is enough:
```puppet
class { 'unattended_upgrades':
auto => { 'reboot' => true },
}
```
* `blacklist`(`[]`): A list of packages to **not** automatically upgrade. This list is empty by default.
* `dl_limit`(`undef`): Use a bandwidth limit for downloading, specified in kb/sec.
* `enable` (`1`): Enable the automatic installation of updates.
* `install_on_shutdown` (`false`): Install updates on shutdown instead of in the background.
* `legacy_origin` (`false`): Use the legacy `Unattended-Upgrade::Allowed-Origins` setting or the modern `Unattended-Upgrade::Origins-Pattern`.
* `mail`: A hash to configure email behaviour. The possible keys are:
* `only_on_error` (`true`): Only send mail when something went wrong
* `to` (`undef`): Email address to send email too
If the default for `to` is kept you will not receive any mail at all. You'll likely want to set this parameter:
```puppet
class { 'unattended_upgrades':
mail => { 'to' => 'admin@domain.tld', },
}
```
* `minimal_steps` (`true`): Split the upgrade process into sections to allow shutdown during upgrade.
* `origins`: The repositories from which to automatically upgrade included packages.
* `package_ensure` (`installed`): The ensure state for the 'unattended-upgrades' package.
## Limitations
This module should work across all versions of Debian/Ubuntu.
## License
The original code for this module comes from Evolving Web and was licensed under the MIT license. Code added since the fork of that module into puppetlabs-apt is covered under the Apache License version 2 as is any code added since it was split off into this separate unattended\_upgrades module.
The LICENSE contains both licenses.
|