backports.debian.org is added.
- dselect is switched to expert mode to suppress superfluous help screens.
-
- sources.list and apt_preferences are managed. More recent Debian
- releases are pinned to very low values by default to prevent
- accidental upgrades.
-/etc/apt/sources.list and /etc/apt/preferences are managed. Testing and
-unstable are pinned to very low values by default to prevent accidental
-upgrades.
++/etc/apt/sources.list and /etc/apt/preferences are managed. More
++recent Debian releases are pinned to very low values by default to
++prevent accidental upgrades.
-This module needs lsb-release installed.
+Ubuntu support is lagging behind but not absent either.
-By default, this module sets the cofiguration option DSelect::Clean to 'auto'.
+This module needs:
+
+- lsb-release installed
+- the common module: git://labs.riseup.net/shared-common
+
++By default, this module sets the configuration option DSelect::Clean to 'auto'.
+ It is the recommended value on normal hosts. On virtual servers, the
+ recommended value is 'pre-auto', since virtual servers are usually more
+ space-bound and have better recovery mechanisms via the host:
- Variables
- =========
-
- $apt_clean
- ----------
- Sets DSelect::Clean, defaults to 'auto' on normal hosts and 'pre-auto'
- in vservers, since the latter are usually more space-bound and have
- better recovery mechanisms via the host:
-
- From apt.conf(5), 0.7.2:
+ From apt.conf(5), 0.7.2:
"Cache Clean mode; this value may be one of always, prompt, auto,
pre-auto and never. always and prompt will remove all packages
from the cache after upgrading, prompt (the default) does so
instance). pre-auto performs this action before downloading new
packages."
+ To change the default setting for DSelect::Clean, you can create a file named
+ "03clean" in a site-apt module's files directory. You can also define this for
+ a specific host by creating a file in a subdirectory of the site-apt modules'
+ files directory that is named the same as the host. (example:
+ site-apt/files/some.host.com/03clean)
+
+ Variables
+ =========
+
$lsbdistcodename
- ----------------
+ ----------------
+
Contains the codename ("etch", "lenny", ...) of the client's
release. While these values come from lsb-release by default, this
- value can be set manually too, e.g. to enable forced upgrades
+ value can be set manually too, e.g. to enable forced upgrades.
-$main_apt_source
-----------------
-
-If the default sources.list template (see next variable) suits your needs but
-you simply need to change the URL to the apt source used, set this variable to
-the URL that is desired. The default value for this variable is
-"http://ftp.debian.org/debian/" for Debian and
-"http://de.archive.ubuntu.com/ubuntu/" for Ubuntu.
-
-Here's an example for setting a local source near Montreal, Quebec, Canada:
-
- $apt_main_source = "ftp://debian.mirror.iweb.ca/debian/"
-
$custom_sources_list
--------------------
- By default this module will use a basic apt/sources.list.
- If you need to set more specific sources, e.g. for proxies, etc. you
- can set this variable to the location of your sources.list template.
- For example, setting the following variable before including this
- class will pull in the templates/apt/sources.list file:
- $custom_sources_list ='template("apt/sources.list")'
-
+
-By default this module will use a basic apt/sources.list template with a
-generic debian mirror. If you need to set more specific sources, e.g. changing
-the sections included in the source or removing backports, etc. you can set
++By default this module will use a basic apt/sources.list template with
++a generic Debian mirror. If you need to set more specific sources,
++e.g. changing the sections included in the source, etc. you can set
+ this variable to the content that you desire to use instead.
+
+ For example, setting the following variable before including this class will
+ pull in the templates/site-apt/sources.list file:
+
+ $custom_sources_list = template("site-apt/sources.list")
+
-$custom_preferences
--------------------
+$custom_preferences
+--------------------
- By default this module will use a basic apt/preferences file with
- more recent releases pinned to very low values so that any package
+
-Since Debian stable's version of apt doesn't support the use of the
-preferences.d directory for putting fragments of 'preferences', this module
-will manage a default basic apt/preferences file with unstable and testing
-pinned to very low values so that any package installation will not
-accidentally pull in packages from those suites unless you explicitly specify
-the version number. This file will be complemented with all of the
-preferences_snippet calls (see below).
++Since Debian stable's version of APT doesn't support the use of the
++preferences.d directory for putting fragments of 'preferences', this
++module will manage a default generic apt/preferences file with more
++recent releases pinned to very low values so that any package
+installation will not accidentally pull in packages from those suites
- unless you explicitly specify the version number. You can set this
- variable to pull in a customized apt/preferences template, for
- example, setting the following variable before including this class
- will pull in the templates/apt/preferences file:
- $custom_preferences = 'template("apt/preferences")'
++unless you explicitly specify the version number. This file will be
++complemented with all of the preferences_snippet calls (see below).
+
-If you are not using the 'stable' branch or if the default preferences file
-doesn't suit your needs, you can create a file named 'preferences' in a
-site-apt module's files directory. You can also create a host-specific file:
++If the default preferences template doesn't suit your needs, you can
++create a file named 'preferences' in a site-apt module's files
++directory. You can also create a host-specific file:
+
+ site-apt
+ - files/
+ - server.domain.com/
+ - preferences
+ preferences
- Also, if you need the preferences file to be absent, set this variable to false:
-You can set this variable to false before including this class will force the
++Setting this variable to false before including this class will force the
+ apt/preferences file to be absent:
- $custom_preferences = false
+ $custom_preferences = false
$custom_key_dir
---------------
If you have different apt-key files that you want to get added to your
apt keyring, you can set this variable to a path in your fileserver
where individual key files can be placed. If this is set and keys
- exist there, this module will apt-key add each key
+ exist there, this module will 'apt-key add' each key.
- $apt_unattended_upgrades
- ------------------------
+ $apt_proxy / $apt_proxy_port
+ ----------------------------
+
+ When you include the apt::proxy_client class in your nodes, you can set the
+ $apt_proxy variable to the URL of the proxy that will be used.
+ By default, the proxy will be queried on port 3142, but you can change the port
+ number by setting the $apt_proxy_port variable.
- If this variable is set to true apt::unattended_upgrades is included,
- which will install the package unattended-upgrades and configure it to
- daily upgrade the system.
+ Here's an example of setting the proxy to 'http://proxy.domain' at port 666:
+
+ $apt_proxy = 'http://proxy.domain'
+ $apt_proxy_port = 666
+ include apt::proxy_client
+$apt_volatile_enabled
+-----------------
+
+If this variable is set to true the Debian Volatile sources are added.
+By default this is false for backward compatibility with older
+versions of this module.
+
+$apt_include_src
+----------------
+
+If this variable is set to true a deb-src source is added for every
+added binary archive source.
+By default this is false for backward compatibility with older
+versions of this module.
+
+$apt_use_next_release
+---------------------
+
+If this variable is set to true the sources for the next Debian
+release are added. The default pinning configuration pins it to very
+low values.
+By default this is false for backward compatibility with older
+versions of this module.
+
+$apt_debian_url, $apt_security_url, $apt_backports_url, $apt_volatile_url
+-------------------------------------------------------------------------
+
+These variables allow to override the default APT mirrors respectively
+used for the standard Debian archives, the Debian security archive,
+the Debian official backports and the Debian Volatile archive.
+
+$apt_ubuntu_url
+---------------
+
+These variables allows to override the default APT mirror used for all
+standard Ubuntu archives (including updates, security, backports).
+
+$apt_repos
+----------
+
+If this variable is set the default repositories list ("main contrib non-free")
+is overriden.
+
Classes
=======
-Most of the functionality is provided by the 'apt' class, but some
-functionality is not inclulded by default. To use it, you must inlucde one of
-the following classes:
+apt
+---
+
- The apt class sets up all documented functionality but cron-apt.
++The apt class sets up most of the documented functionality. To use
++functionality that is not enabled by default, you must inlucde one of
++the following classes.
+
+apt::cron::download
+-------------------
+
+This class sets up cron-apt so that it downloads upgradable packages,
+does not actually do any upgrade and email when the output changes.
+
+apt::cron::dist-upgrade
+-----------------------
+
+This class sets up cron-apt so that it dist-upgrades the system and
+email when upgrades are performed.
+ apt::dselect
+ ------------
+
+ This class, when included, installs dselect and switches it to expert mode to
+ suppress superfluous help screens.
+
+ apt::proxy_client
+ -----------------
+
+ This class adds the right configuration to apt to make it fetch packages via a
+ proxy. The variables $apt_proxy and $apt_proxy_port need to be set (see above).
+
+ apt::unattended_upgrades
+ ------------------------
+
+ If this class is included, it will install the package 'unattended-upgrades'
+ and configure it to daily upgrade the system.
+
Defines
=======
TODO
====
- Enable debian-archive-keyring handling for sarge, lenny and sid.
+ Currently this module updates the caches on every run. Running apt-get update is
-an expensive operation and should be done only on schedule by using apticron.
++an expensive operation and should be done only on schedule by using
++apticron or cron-apt.
+
- Currently this module updates the caches on every run. Running dselect update is
- a expensive operation and should be done only on schedule by using apticron.
Sometimes -- especially when initially starting management or deploying new
packages -- a immediate update is really needed to be able to install the right
packages without errors. Thus a method should be devised to be able to specify
- # This file is brought to you by puppet
+ # This file is managed by puppet
# all local modifications will be overwritten
-# basic <%= lsbdistcodename %>
-deb <%= real_main_apt_source %> <%= lsbdistcodename %> main contrib non-free
-# security suppport
-<% if (lsbdistcodename == "sid" || lsbdistcodename == "unstable") -%>
-# There is no security mirror for <%= lsbdistcodename %>
+### Debian current: <%= codename %>
+
+# basic
+deb <%= debian_url %> <%= codename %> <%= repos %>
+<% if include_src then -%>
+deb-src <%= debian_url %> <%= codename %> <%= repos %>
+<% end -%>
+
+# security
+<% if (release == "unstable" || release == "experimental") -%>
+# There is no security support for <%= release %>
+<% else -%>
+deb <%= security_url %> <%= codename %>/updates <%= repos %>
+<% if include_src then -%>
+deb-src <%= security_url %> <%= codename %>/updates <%= repos %>
+<% end -%>
+<% end -%>
+
+# backports
+<% if (release == "testing" || release == "unstable" || release == "experimental") -%>
+# There is no backports archive for <%= release %>
+<% else -%>
+deb <%= backports_url %> <%= codename %>-backports <%= repos %>
+<% if include_src then -%>
+deb-src <%= backports_url %> <%= codename %>-backports <%= repos %>
+<% end -%>
+<% end -%>
+
+<% if use_volatile -%>
+# volatile
+<% if (release == "testing" || release == "unstable" || release == "experimental") -%>
+# There is no volatile archive for <%= release %>
+<% else -%>
+deb <%= volatile_url %> <%= codename %>/volatile <%= repos %>
+<% if include_src then -%>
+deb-src <%= volatile_url %> <%= codename %>/volatile <%= repos %>
+<% end -%>
+<% end -%>
+<% end -%>
+
+<% if use_next_release then -%>
+### Debian next: <%= next_codename %>
+
+# basic
+deb <%= debian_url %> <%= next_codename %> <%= repos %>
+<% if include_src then -%>
+deb-src <%= debian_url %> <%= next_codename %> <%= repos %>
+<% end -%>
+
+# security
+<% if (next_release == "unstable" || next_release == "experimental") -%>
+# There is no security support for <%= next_release %>
<% else -%>
-deb http://security.debian.org/ <%= lsbdistcodename %>/updates main contrib non-free
+deb <%= security_url %> <%= next_codename %>/updates <%= repos %>
+<% if include_src then -%>
+deb-src <%= security_url %> <%= next_codename %>/updates <%= repos %>
+<% end -%>
<% end -%>
# backports
projects / puppet-apt.git / commitdiff