aboutsummaryrefslogtreecommitdiff
path: root/manifests/init.pp
diff options
context:
space:
mode:
Diffstat (limited to 'manifests/init.pp')
-rw-r--r--manifests/init.pp384
1 files changed, 142 insertions, 242 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index c431b59..b5be91f 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -5,273 +5,173 @@
class apt {
- # See README
- $real_apt_clean = $apt_clean ? {
- '' => 'auto',
- default => $apt_clean,
- }
-
- $backports_enabled = $backports_enabled ? {
- '' => 'false',
- default => $backports_enabled,
- }
-
- $apt_update_method = $apt_update_method ? {
- '' => 'exec',
- default => $apt_update_method,
+ $use_volatile = $apt_volatile_enabled ? {
+ '' => false,
+ default => $apt_volatile_enabled,
}
- $apt_http_proxy = $apt_http_proxy ? {
+ $include_src = $apt_include_src ? {
'' => false,
- default => $apt_http_proxy,
+ default => $apt_include_src,
}
- $apt_ftp_proxy = $apt_ftp_proxy ? {
+ $use_next_release = $apt_use_next_release ? {
'' => false,
- default => $apt_ftp_proxy,
+ default => $apt_use_next_release,
}
- package { apt: ensure => installed }
-
- # a few templates need lsbdistcodename
- include lsb
-
- case $custom_sources_list {
- '': {
- include default_sources_list
- }
- default: {
- config_file { "/etc/apt/sources.list":
- content => $custom_sources_list,
- }
- }
- }
+ $debian_url = $apt_debian_url ? {
+ '' => 'http://cdn.debian.net/debian/',
+ default => "${apt_debian_url}",
+ }
+ $security_url = $apt_security_url ? {
+ '' => 'http://security.debian.org/',
+ default => "${apt_security_url}",
+ }
+ $backports_url = $apt_backports_url ? {
+ '' => 'http://backports.debian.org/debian-backports/',
+ default => "${apt_backports_url}",
+ }
+ $volatile_url = $apt_volatile_url ? {
+ '' => 'http://volatile.debian.org/debian-volatile/',
+ default => "${apt_volatile_url}",
+ }
+ $ubuntu_url = $apt_ubuntu_url ? {
+ '' => 'http://archive.ubuntu.com/ubuntu',
+ default => "${apt_ubuntu_url}",
+ }
+ case $operatingsystem {
+ 'debian': {
+ $repos = $apt_repos ? {
+ '' => 'main contrib non-free',
+ default => "${apt_repos}",
+ }
+ }
+ 'ubuntu': {
+ $repos = $apt_repos ? {
+ '' => 'main restricted universe multiverse',
+ default => "${apt_repos}",
+ }
+ }
+ }
- class default_sources_list {
- config_file {
- # include main, security and backports
- # additional sources could be included via an array
- "/etc/apt/sources.list":
- content => template("apt/sources.list.erb"),
- }
- }
+ package { apt:
+ ensure => installed,
+ require => undef,
+ }
- case $custom_preferences {
- '': {
- include default_preferences
- }
- default: {
- config_file { "/etc/apt/preferences":
- content => $custom_preferences,
- alias => "apt_config",
- require => File["/etc/apt/sources.list"];
- }
- }
- }
- class default_preferences {
- config_file {
- # this just pins unstable and testing to very low values
- "/etc/apt/preferences":
- content => template("apt/preferences.erb"),
- # use Config_File["apt_config"] to reference a completed configuration
- # See "The Puppet Semaphor" 2007-06-25 on the puppet-users ML
- alias => "apt_config",
- # only update together
- require => File["/etc/apt/sources.list"];
- # little default settings which keep the system sane
- "/etc/apt/apt.conf.d/from_puppet":
- content => "APT::Get::Show-Upgraded true;\nDSelect::Clean $real_apt_clean;\n",
- before => Config_File["apt_config"];
- }
- }
+ include lsb
- $apt_base_dir = "${common::moduledir::module_dir_path}/apt"
- module_dir { apt: }
- # watch apt.conf.d
- file { "/etc/apt/apt.conf.d": ensure => directory, checksum => mtime; }
+ # init $release, $next_release, $codename, $next_codename, $release_version
+ case $lsbdistcodename {
+ '': {
+ $codename = $lsbdistcodename
+ $release = $lsbdistrelease
+ }
+ default: {
+ $codename = $lsbdistcodename
+ $release = debian_release($codename)
+ }
+ }
+ $release_version = debian_release_version($codename)
+ $next_codename = debian_nextcodename($codename)
+ $next_release = debian_nextrelease($release)
+
+ config_file {
+ # include main, security and backports
+ # additional sources should be included via the apt::sources_list define
+ "/etc/apt/sources.list":
+ content => $custom_sources_list ? {
+ '' => template( "apt/$operatingsystem/sources.list.erb"),
+ default => $custom_sources_list
+ },
+ require => Package['lsb'];
+ }
- exec {
- # "&& sleep 1" is workaround for older(?) clients
- "/usr/bin/apt-get update && sleep 1 #on refresh":
- refreshonly => true,
- subscribe => [ File["/etc/apt/sources.list"],
- File["/etc/apt/preferences"], File["/etc/apt/apt.conf.d"],
- Config_File["apt_config"] ],
+ apt_conf { "02show_upgraded":
+ source => [ "puppet:///modules/site-apt/${fqdn}/02show_upgraded",
+ "puppet:///modules/site-apt/02show_upgraded",
+ "puppet:///modules/apt/02show_upgraded" ]
}
- if $apt_update_method == 'exec' {
- exec { "/usr/bin/apt-get update > /dev/null 2>&1 && /usr/bin/apt-get autoclean > /dev/null 2>&1 #hourly":
- require => [ File["/etc/apt/sources.list"], File["/etc/apt/preferences"], Config_File["apt_config"] ],
- # Another Semaphor for all packages to reference
- alias => apt_updated,
- }
- } else {
- cron { "apt_updated":
- command => "/usr/bin/apt-get update > /dev/null 2>&1 && /usr/bin/apt-get autoclean > /dev/null 2>&1",
- user => root,
- hour => "*/1",
- minute => "0",
- ensure => present,
- require => [ File["/etc/apt/sources.list"], File["/etc/apt/preferences"], Config_File["apt_config"] ],
+ if ( $virtual == "vserver" ) {
+ apt_conf { "03clean_vserver":
+ source => [ "puppet:///modules/site-apt/${fqdn}/03clean_vserver",
+ "puppet:///modules/site-apt/03clean_vserver",
+ "puppet:///modules/apt/03clean_vserver" ],
+ alias => "03clean";
}
}
-
- ## This package should really always be current
- package { "debian-archive-keyring":
- ensure => latest,
- }
-
- case $volatile_enabled {
- true: {
- config_file { "/etc/apt/sources.list.d/debian-volatile.list":
- content => template("apt/sources.list.volatile.erb"),
- }
+ else {
+ apt_conf { "03clean":
+ source => [ "puppet:///modules/site-apt/${fqdn}/03clean",
+ "puppet:///modules/site-apt/03clean",
+ "puppet:///modules/apt/03clean" ]
}
- default: {
- config_file { "/etc/apt/sources.list.d/debian-volatile.list":
- ensure => absent,
- }
+ }
+
+ case $custom_preferences {
+ false: {
+ include apt::preferences::absent
+ }
+ default: {
+ # When squeeze becomes the stable branch, transform this file's header
+ # into a preferences.d file
+ include apt::preferences
}
}
- case $backports_enabled {
- true: {
- config_file {
- # backports
- "/etc/apt/sources.list.d/debian-backports.list":
- content => template("apt/sources.list.backports.erb"),
- }
-
- case $lsbdistcodename {
- etch: {
- package { "debian-backports-keyring":
- ensure => latest,
- }
-
- # This key was downloaded from
- # http://backports.org/debian/archive.key
- # and is needed to bootstrap the backports trustpath
- file { "${apt_base_dir}/backports.org.key":
- source => "puppet://$server/modules/apt/backports.org.key",
- mode => 0444, owner => root, group => root,
- }
- exec { "/usr/bin/apt-key add ${apt_base_dir}/backports.org.key && apt-get update":
- alias => "backports_key",
- refreshonly => true,
- subscribe => File["${apt_base_dir}/backports.org.key"],
- before => [ Config_File["apt_config"], Package["debian-backports-keyring"] ]
- }
- }
- lenny: {
- package { "debian-backports-keyring":
- ensure => latest,
- }
-
- # This key was downloaded from
- # http://backports.org/debian/archive.key
- # and is needed to bootstrap the backports trustpath
- file { "${apt_base_dir}/backports.org.key":
- source => "puppet://$server/modules/apt/backports.org.key",
- mode => 0444, owner => root, group => root,
- }
- exec { "/usr/bin/apt-key add ${apt_base_dir}/backports.org.key && apt-get update":
- alias => "backports_key",
- refreshonly => true,
- subscribe => File["${apt_base_dir}/backports.org.key"],
- before => [ Config_File["apt_config"], Package["debian-backports-keyring"] ]
- }
- }
- }
-
- }
- default: { }
- }
-
-
+ # backward compatibility: upgrade from previous versions of this module.
+ file {
+ [ "/etc/apt/apt.conf.d/from_puppet", "/etc/apt/apt.conf.d/99from_puppet" ]:
+ ensure => 'absent',
+ require => [ Apt_conf['02show_upgraded'], Apt_conf['03clean'] ];
+ }
- case $custom_key_dir {
- '': { }
- default: {
- file { "${apt_base_dir}/keys.d":
- source => "$custom_key_dir",
- recurse => true,
- mode => 0755, owner => root, group => root,
- }
- exec { "find ${apt_base_dir}/keys.d -type f -exec apt-key add '{}' \\; && apt-get update":
- alias => "custom_keys",
- subscribe => File["${apt_base_dir}/keys.d"],
- refreshonly => true,
- before => Config_File["apt_config"];
- }
- }
- }
+ # watch .d directories and ensure they are present
+ file { "/etc/apt/apt.conf.d": ensure => directory, checksum => mtime; }
+ file { "/etc/apt/sources.list.d":
+ ensure => directory,
+ checksum => mtime,
+ notify => Exec['refresh_apt'],
+ }
- # workaround for preseeded_package component
- file { "/var/cache": ensure => directory }
- file { "/var/cache/local": ensure => directory }
- file { "/var/cache/local/preseeding/": ensure => directory }
+ exec {
+ # "&& sleep 1" is workaround for older(?) clients
+ 'refresh_apt':
+ command => '/usr/bin/apt-get update && sleep 1',
+ refreshonly => true,
+ subscribe => [ File['/etc/apt/apt.conf.d'], Config_file['/etc/apt/sources.list'] ];
+ }
- define preseeded_package ($content = "", $ensure = "installed") {
- $seedfile = "/var/cache/local/preseeding/$name.seeds"
- $real_content = $content ? {
- "" => template ( "$debian_version/$name.seeds" ),
- Default => $content
- }
-
- file{ $seedfile:
- content => $real_content,
- mode => 0600, owner => root, group => root,
- }
-
- package { $name:
- ensure => $ensure,
- responsefile => $seedfile,
- require => File[$seedfile],
- }
- }
+ ## This package should really always be current
+ package { "debian-archive-keyring": ensure => latest }
- define upgrade_package ($version = "") {
- case $version {
- '': {
- exec { "aptitude -y install $name":
- onlyif => [ "grep-status -F Status installed -a -P $name -q", "apt-show-versions -u $name | grep -q upgradeable" ],
- }
- }
- 'latest': {
- exec { "aptitude -y install $name":
- onlyif => [ "grep-status -F Status installed -a -P $name -q", "apt-show-versions -u $name | grep -q upgradeable" ],
- }
- }
- default: {
- exec { "aptitude -y install $name=$version":
- onlyif => [ "grep-status -F Status installed -a -P $name -q", "apt-show-versions -u $name | grep -q upgradeable" ],
- }
- }
- }
- }
+ # backports uses the normal archive key now
+ package { "debian-backports-keyring": ensure => absent }
- if $apt_http_proxy or $apt_ftp_proxy {
- file { "/etc/apt/apt.conf.d/proxy":
- owner => root,
- group => root,
- mode => 0644,
- content => template("apt/proxy.erb"),
- require => Config_File["apt_config"],
- }
- } else {
- file { "/etc/apt/apt.conf.d/proxy":
- ensure => absent,
- }
- }
-}
+ include common::moduledir
+ $apt_base_dir = "${common::moduledir::module_dir_path}/apt"
+ modules_dir { apt: }
-class dselect {
- # suppress annoying help texts of dselect
- line { dselect_expert:
- file => "/etc/dpkg/dselect.cfg",
- line => "expert",
- ensure => present,
- }
+ if $custom_key_dir {
+ file { "${apt_base_dir}/keys.d":
+ source => "$custom_key_dir",
+ recurse => true,
+ mode => 0755, owner => root, group => root,
+ }
+ exec { "custom_keys":
+ command => "find ${apt_base_dir}/keys.d -type f -exec apt-key add '{}' \\; && /usr/bin/apt-get update",
+ subscribe => File["${apt_base_dir}/keys.d"],
+ refreshonly => true,
+ }
+ if $custom_preferences != false {
+ Exec["custom_keys"] {
+ before => Concatenated_file[apt_config],
+ }
+ }
+ }
- package { dselect: ensure => installed }
+ # workaround for preseeded_package component
+ file { [ "/var/cache", "/var/cache/local", "/var/cache/local/preseeding" ]: ensure => directory }
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-09-24 07:36:56 +0000