With such a pinning setup, when Squeeze is released, systems using this module
with $apt_use_next_release set to true would immediately switch to prefer
packages from Squeeze. If an automated upgrade process is setup, they would be
automatically upgraded to Squeeze.
This does not sound safe to me, so let's use the release version number as an
additional selection criterion to prevent upgrades to Squeeze to happen behind
our back:
intrigeri [Sat, 11 Dec 2010 13:43:24 +0000 (14:43 +0100)]
New class: apt::reboot_required_notify
This class installs a daily cronjob that checks if a package upgrade
requires the system to be rebooted; if so, cron sends a notification
email to root.
Micah Anderson [Thu, 9 Dec 2010 03:25:09 +0000 (22:25 -0500)]
add apt-listchanges support. this is a nice compliment to using the upgrade_package functionality, because you get an email when the package has been upgraded.
Micah Anderson [Thu, 9 Dec 2010 03:24:24 +0000 (22:24 -0500)]
add apticron support.
Why apticron, when we have cron-apt already? Some people have different preferences, we use apticron along with the upgrade_package functionality in this module. I know someone who uses cron-apt to run the upgrades, but apticron for notifications, because apticron's notifications are much nicer (cron-apt just gives you the output of apt-get upgrade)
Micah Anderson [Wed, 8 Dec 2010 04:57:25 +0000 (23:57 -0500)]
multiple sources for templates are not allowed (see #1818), so revert it to a single source referenced by the README, and clarify the README to indicate how you can pass the preseed contents directly
Micah Anderson [Wed, 8 Dec 2010 03:59:58 +0000 (22:59 -0500)]
switch to archive name for lenny default preferences
the templates/Debian/preferences_lenny.erb file checked in with e2f80db7b76171e5945127e2fd42fb35043990fb contains pinning based on codename,
which is not supported in lenny (see #433624 - if you look at the version graph,
you see, "Fixed in version 0.7.21", and lenny has 0.7.20.2+lenny1.)
Micah Anderson [Tue, 7 Dec 2010 18:44:30 +0000 (13:44 -0500)]
README update: clarify that the debian-archive-keyring is managed already
Just so people are clear that they do not need to specify a $custom_key_dir to manage the debian archive keyring, I've added some clarifying text so you know that this is not necessary
Micah Anderson [Tue, 7 Dec 2010 18:39:54 +0000 (13:39 -0500)]
README update: clarify the site-apt preferences options
The README described a few things that were not true relating to the
apt/preferences file.
First of all it said you could ship a 'file', but preferences.pp very clearly
uses the 'content => $custom_preferences' parameter, which will not take file
sources, only templates.
Secondly, it seemed to imply that you could just drop the custom preferences
into your site-apt and it would work. But you actually need to set the
$custom_preferences to indicate the content source.
Lastly, it said that you could specify a host-specific file in the site-apt
module, but there is no facility for this (nor can you use files).
Perhaps this is where this module is going eventually, once we have a
preferences.d possibility? Until then, it makes more sense to have it reflect
the current situation.
Micah Anderson [Tue, 7 Dec 2010 17:46:37 +0000 (12:46 -0500)]
switch the default $debian_url to use the Debian CDN mirror address.
The CDN checks your IP and uses the Max-Mind geoIP DB to determine your location and then uses your local country Debian Mirror, or if your local country doesn't have a debian mirror, it uses the local continent. It automatically checks and prunes dead mirrors. the technology for the Debian CDN setup is still improving, I believe that ASN-number associations are the next step to attempt to make more informed, finer-grained choices.
This is more useful than using ftp.debian.org because that is just a round-robin DNS entry that could get you any mirror anywhere.
Micah Anderson [Tue, 7 Dec 2010 17:20:14 +0000 (12:20 -0500)]
Set dselect DSelect::Clean to 'pre-auto' by default for hosts that are vservers.
Before you only had the choice of setting a 03clean apt configuration for either
all hosts, or every single host. Setting it to have the recommended settings for
vservers for all hosts meant that you were setting it for non-vservers as well
as vservers. The other option you had was to set it per host. This was a bit
annoying if you have any more than one vserver because you would need to create
a 03clean for every single vserver guest.
This change auto-detects if the node is a vserver, and if it is it automatically
installs the 03clean_vserver file, with the recommended DSelect::Clean settings,
and allows you to override this for all of your vservers, or for specific hosts.
Gabriel Filion [Mon, 29 Nov 2010 18:37:53 +0000 (13:37 -0500)]
apt_conf: change mode to 644
Current mode (600) makes it impossible to use apt-cache to search for
package names and info, since it tries to read all configuration files
in /etc/apt/apt.conf.d before executing.
Change configuration file mode to 644 so that search tasks can be made
without root priviledge.
My branch already has support for defining custom APT mirrors location.
See $apt_debian_url, $apt_security_url, $apt_backports_url, $apt_volatile_url.
=> Discarding the addition of $main_apt_source.
Incompatible change: I do prefer my own generic apt/preferences template to
shipping a static file that only supports Lenny. My own template supports
security, backports, volatile, next release etc.
intrigeri [Wed, 10 Nov 2010 13:44:01 +0000 (14:44 +0100)]
Do not refresh APT lists on every run.
Let's set refreshonly on the 'update_apt' Exec (aliased to 'apt_updated')
instead of removing it for backward compatibility: it may be in use at some
places to trigger updates.
Gabriel Filion [Mon, 25 Oct 2010 17:58:14 +0000 (13:58 -0400)]
Change "brought to you" into "managed" in headers
File headers are there to indicate that the files should not be touched
directly on the server. By changing the first sentence to "This file is
managed by Puppet", we reinforce the idea that it is already taken care
of by something else.
Gabriel Filion [Mon, 25 Oct 2010 16:36:59 +0000 (12:36 -0400)]
Ensure presence of sources.list.d and watch it
Add a file resource on the apt/sources.list.d directory to ensure that
it is created as a directory and watch it for modifications to
automatically refresh the apt cache.
Gabriel Filion [Mon, 25 Oct 2010 16:32:49 +0000 (12:32 -0400)]
Remove $apt_unattended_upgrades
Unattended upgrades are not always necessary. Including the
apt::unattended_upgrades class through the main apt class is not
appropriate. It is better to make nodes include the
apt::unattended_upgrades class explicitly.
Remove the $apt_unattended_upgrades variable along with the include in
the 'apt' class.
Gabriel Filion [Mon, 25 Oct 2010 16:17:50 +0000 (12:17 -0400)]
Fix apt::preferences::absent
Currently, setting the $custom_preferences variable to false fails
because of the /etc/apt/preferences concatenated_file being re-defined.
Fix this by setting dependencies on the resource only when we expect to
create the /etc/apt/preferences file. Also, since there is no "ensure"
parameter to concatenated_file, use a simple file resource to ensure
that it is removed.
Gabriel Filion [Mon, 25 Oct 2010 15:58:27 +0000 (11:58 -0400)]
Include the protocol in the proxy URL
The current proxy_client template makes it possible to communicate with
the proxy only via HTTP. Add the protocol to the variable so that it's
possible to change the protocol.
Gabriel Filion [Mon, 25 Oct 2010 15:44:41 +0000 (11:44 -0400)]
Remove the now unused $apt_clean variable
This variable was deprecated in favor of using a list of file sources.
to change the value of the 'clean' property, you can either define a
file '03clean' in a site-apt module, or a per-host '$fqdn/03clean' file
in the same site-apt module.
Also, move the moduledir stuff below nearer to where it's actually used.
Gabriel Filion [Mon, 25 Oct 2010 05:44:04 +0000 (01:44 -0400)]
rename things for easier understanding
remove the use of _snippet in names (except for preferences_snippet) so
that they represent directly a resource name.
rename custom_sources_template to sources_list.
modify sources_list to make it more flexible (gives the opportunity to
provide sources or content). this changes its behaviour in that the name
is now the name of the file in sources.list.d
rename proxy-client to proxy_client to use the same standard for its
name as the other classes.
Gabriel Filion [Mon, 25 Oct 2010 04:14:33 +0000 (00:14 -0400)]
refactor: simplify and remove inline content
Simplifications: make apt_conf_snippet repeat less code, make code that
generates sources.list more concise.
Remove all inline content in favor of templates and static files.
The ability to include sources for static files was needed for
the main 'preferences' file, so it was added to the preferences_snippet
define.
Gabriel Filion [Sun, 24 Oct 2010 13:07:34 +0000 (09:07 -0400)]
Add apt_conf_snippet and use it where possible
With the new define, it's easy to add an apt.conf snippet in apt.conf.d
It accepts either 'sources' to get a static file or 'content' to define
content inline or with the help of a template.
Put it to use where we create files in apt.conf.d
Finally, fix the dependancy to the apt_config file (however, I don't see
the need for this dependancy)
Gabriel Filion [Sun, 24 Oct 2010 11:32:14 +0000 (07:32 -0400)]
Move default_sources_list into apt class
The contents of the file default_sources_list.pp is used in only one
place. Remove the file and move its contents inside the apt class in
order to have one less useless depth level.
Gabriel Filion [Mon, 18 Oct 2010 05:45:22 +0000 (01:45 -0400)]
Make it possible to ensure preferences is absent
The current code makes it mandatory to have a file /etc/apt/preferences
present. In the event that this file is empty or contains a space,
apt-get update cannot execute.
Add a case with the special value "false" that ensures the file does not
exist.
projects / puppet-apt.git / log