Puppet Class: apt

Inherits:
apt::params
Defined in:
manifests/init.pp

Summary

Main class, includes all other classes.

Overview

Parameters:

  • provider (String) (defaults to: $apt::params::provider)

    Specifies the provider that should be used by apt::update.

  • keyserver (String) (defaults to: $apt::params::keyserver)

    Specifies a keyserver to provide the GPG key. Valid options: a string containing a domain name or a full URL (http://, https://, or hkp://).

  • key_options (Optional[String]) (defaults to: $apt::params::key_options)

    Specifies the default options for apt::key resources.

  • ppa_options (Optional[String]) (defaults to: $apt::params::ppa_options)

    Supplies options to be passed to the ‘add-apt-repository` command.

  • ppa_package (Optional[String]) (defaults to: $apt::params::ppa_package)

    Names the package that provides the ‘apt-add-repository` command.

  • backports (Optional[Hash]) (defaults to: $apt::params::backports)

    Specifies some of the default parameters used by apt::backports. Valid options: a hash made up from the following keys:

  • confs (Hash) (defaults to: $apt::params::confs)

    Creates new ‘apt::conf` resources. Valid options: a hash to be passed to the create_resources function linked above.

  • update (Hash) (defaults to: $apt::params::update)

    Configures various update settings. Valid options: a hash made up from the following keys:

  • purge (Hash) (defaults to: $apt::params::purge)

    Specifies whether to purge any existing settings that aren’t managed by Puppet. Valid options: a hash made up from the following keys:

  • proxy (Apt::Proxy) (defaults to: $apt::params::proxy)

    Configures Apt to connect to a proxy server. Valid options: a hash matching the locally defined type apt::proxy.

  • sources (Hash) (defaults to: $apt::params::sources)

    Creates new ‘apt::source` resources. Valid options: a hash to be passed to the create_resources function linked above.

  • keys (Hash) (defaults to: $apt::params::keys)

    Creates new ‘apt::key` resources. Valid options: a hash to be passed to the create_resources function linked above.

  • ppas (Hash) (defaults to: $apt::params::ppas)

    Creates new ‘apt::ppa` resources. Valid options: a hash to be passed to the create_resources function linked above.

  • pins (Hash) (defaults to: $apt::params::pins)

    Creates new ‘apt::pin` resources. Valid options: a hash to be passed to the create_resources function linked above.

  • settings (Hash) (defaults to: $apt::params::settings)

    Creates new ‘apt::setting` resources. Valid options: a hash to be passed to the create_resources function linked above.

  • manage_auth_conf (Boolean) (defaults to: $apt::params::manage_auth_conf)

    Specifies whether to manage the /etc/apt/auth.conf file. When true, the file will be overwritten with the entries specified in the auth_conf_entries parameter. When false, the file will be ignored (note that this does not set the file to absent.

  • auth_conf_entries (Array[Apt::Auth_conf_entry]) (defaults to: $apt::params::auth_conf_entries)

    An optional array of login configuration settings (hashes) that are recorded in the file /etc/apt/auth.conf. This file has a netrc-like format (similar to what curl uses) and contains the login configuration for APT sources and proxies that require authentication. See manpages.debian.org/testing/apt/apt_auth.conf.5.en.html for details. If specified each hash must contain the keys machine, login and password and no others. Specifying manage_auth_conf and not specifying this parameter will set /etc/apt/auth.conf to absent.

  • auth_conf_owner (String) (defaults to: $apt::params::auth_conf_owner)

    The owner of the file /etc/apt/auth.conf. Default: ‘_apt’ or ‘root’ on old releases.

  • root (String) (defaults to: $apt::params::root)

    Specifies root directory of Apt executable.

  • sources_list (String) (defaults to: $apt::params::sources_list)

    Specifies the path of the sources_list file to use.

  • sources_list_d (String) (defaults to: $apt::params::sources_list_d)

    Specifies the path of the sources_list.d file to use.

  • conf_d (String) (defaults to: $apt::params::conf_d)

    Specifies the path of the conf.d file to use.

  • preferences (String) (defaults to: $apt::params::preferences)

    Specifies the path of the preferences file to use.

  • preferences_d (String) (defaults to: $apt::params::preferences_d)

    Specifies the path of the preferences.d file to use.

  • config_files (Hash) (defaults to: $apt::params::config_files)

    A hash made up of the various configuration files used by Apt.

  • sources_list_force (Boolean) (defaults to: $apt::params::sources_list_force)

    Specifies whether to perform force purge or delete. Default false.

  • update_defaults (Hash) (defaults to: $apt::params::update_defaults)
  • purge_defaults (Hash) (defaults to: $apt::params::purge_defaults)
  • proxy_defaults (Hash) (defaults to: $apt::params::proxy_defaults)
  • include_defaults (Hash) (defaults to: $apt::params::include_defaults)
  • apt_conf_d (String) (defaults to: $apt::params::apt_conf_d)
  • source_key_defaults (Hash) (defaults to: $apt::params::source_key_defaults)

Options Hash (backports):

  • :location (String)

    See apt::backports for documentation.

  • :repos (String)

    See apt::backports for documentation.

  • :key (String)

    See apt::backports for documentation.

Options Hash (update):

  • :frequency (String)

    Specifies how often to run ‘apt-get update`. If the exec resource `apt_update` is notified, `apt-get update` runs regardless of this value. Valid options: ’always’ (at every Puppet run); ‘daily’ (if the value of ‘apt_update_last_success` is less than current epoch time minus 86400); ’weekly’ (if the value of ‘apt_update_last_success` is less than current epoch time minus 604800); and ’reluctantly’ (only if the exec resource ‘apt_update` is notified). Default: ’reluctantly’.

  • :loglevel (Integer)

    Specifies the log level of logs outputted to the console. Default: undef.

  • :timeout (Integer)

    Specifies how long to wait for the update to complete before canceling it. Valid options: an integer, in seconds. Default: undef.

  • :tries (Integer)

    Specifies how many times to retry the update after receiving a DNS or HTTP error. Default: undef.

Options Hash (purge):

  • :sources.list (Boolean)

    Specifies whether to purge any unmanaged entries from sources.list. Default false.

  • :sources.list.d (Boolean)

    Specifies whether to purge any unmanaged entries from sources.list.d. Default false.

  • :preferences (Boolean)

    Specifies whether to purge any unmanaged entries from preferences. Default false.

  • :preferences.d. (Boolean)

    Specifies whether to purge any unmanaged entries from preferences.d. Default false.

See Also:



124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
 
# File 'manifests/init.pp', line 124

class apt (
  Hash $update_defaults         = $apt::params::update_defaults,
  Hash $purge_defaults          = $apt::params::purge_defaults,
  Hash $proxy_defaults          = $apt::params::proxy_defaults,
  Hash $include_defaults        = $apt::params::include_defaults,
  String $provider              = $apt::params::provider,
  String $keyserver             = $apt::params::keyserver,
  Optional[String] $key_options = $apt::params::key_options,
  Optional[String] $ppa_options = $apt::params::ppa_options,
  Optional[String] $ppa_package = $apt::params::ppa_package,
  Optional[Hash] $backports     = $apt::params::backports,
  Hash $confs                   = $apt::params::confs,
  Hash $update                  = $apt::params::update,
  Hash $purge                   = $apt::params::purge,
  Apt::Proxy $proxy             = $apt::params::proxy,
  Hash $sources                 = $apt::params::sources,
  Hash $keys                    = $apt::params::keys,
  Hash $ppas                    = $apt::params::ppas,
  Hash $pins                    = $apt::params::pins,
  Hash $settings                = $apt::params::settings,
  Boolean $manage_auth_conf     = $apt::params::manage_auth_conf,
  Array[Apt::Auth_conf_entry]
    $auth_conf_entries          = $apt::params::auth_conf_entries,
  String $auth_conf_owner       = $apt::params::auth_conf_owner,
  String $root                  = $apt::params::root,
  String $sources_list          = $apt::params::sources_list,
  String $sources_list_d        = $apt::params::sources_list_d,
  String $conf_d                = $apt::params::conf_d,
  String $preferences           = $apt::params::preferences,
  String $preferences_d         = $apt::params::preferences_d,
  String $apt_conf_d            = $apt::params::apt_conf_d,
  Hash $config_files            = $apt::params::config_files,
  Hash $source_key_defaults     = $apt::params::source_key_defaults,
  Boolean $sources_list_force   = $apt::params::sources_list_force,
) inherits apt::params {

  if $facts['os']['family'] != 'Debian' {
    fail(translate('This module only works on Debian or derivatives like Ubuntu'))
  }

  if $update['frequency'] {
    assert_type(
      Enum['always','daily','weekly','reluctantly'],
      $update['frequency'],
    )
  }
  if $update['timeout'] {
    assert_type(Integer, $update['timeout'])
  }
  if $update['tries'] {
    assert_type(Integer, $update['tries'])
  }

  $_update = merge($::apt::update_defaults, $update)
  include ::apt::update

  if $purge['sources.list'] {
    assert_type(Boolean, $purge['sources.list'])
  }
  if $purge['sources.list.d'] {
    assert_type(Boolean, $purge['sources.list.d'])
  }
  if $purge['preferences'] {
    assert_type(Boolean, $purge['preferences'])
  }
  if $purge['preferences.d'] {
    assert_type(Boolean, $purge['preferences.d'])
  }
  if $sources_list_force {
    assert_type(Boolean, $sources_list_force)
  }
  if $purge['apt.conf.d'] {
    assert_type(Boolean, $purge['apt.conf.d'])
  }

  $_purge = merge($::apt::purge_defaults, $purge)
  $_proxy = merge($apt::proxy_defaults, $proxy)

  $confheadertmp = epp('apt/_conf_header.epp')
  $proxytmp = epp('apt/proxy.epp', {'proxies' => $_proxy})
  $updatestamptmp = epp('apt/15update-stamp.epp')

  if $_proxy['ensure'] == 'absent' or $_proxy['host'] {
    apt::setting { 'conf-proxy':
      ensure   => $_proxy['ensure'],
      priority => '01',
      content  => "${confheadertmp}${proxytmp}",
    }
  }

  if $sources_list_force {
    $sources_list_ensure = $_purge['sources.list'] ? {
      true    => absent,
      default  => file,
    }
    $sources_list_content = $_purge['sources.list'] ? {
      true    => nil,
      default => undef,
    }
  }
  else
    {
    $sources_list_ensure = $_purge['sources.list'] ? {
      true    => file,
      default => file,
    }
    $sources_list_content = $_purge['sources.list'] ? {
      true    => "# Repos managed by puppet.\n",
      default => undef,
    }
    }

  $preferences_ensure = $_purge['preferences'] ? {
    true    => absent,
    default => file,
  }

  if $_update['frequency'] == 'always' {
    Exec <| title=='apt_update' |> {
      refreshonly => false,
    }
  }

  apt::setting { 'conf-update-stamp':
    priority => 15,
    content  => "${confheadertmp}${updatestamptmp}",
  }

  file { 'sources.list':
    ensure  => $sources_list_ensure,
    path    => $::apt::sources_list,
    owner   => root,
    group   => root,
    content => $sources_list_content,
    notify  => Class['apt::update'],
  }

  file { 'sources.list.d':
    ensure  => directory,
    path    => $::apt::sources_list_d,
    owner   => root,
    group   => root,
    purge   => $_purge['sources.list.d'],
    recurse => $_purge['sources.list.d'],
    notify  => Class['apt::update'],
  }

  file { 'preferences':
    ensure => $preferences_ensure,
    path   => $::apt::preferences,
    owner  => root,
    group  => root,
    notify => Class['apt::update'],
  }

  file { 'preferences.d':
    ensure  => directory,
    path    => $::apt::preferences_d,
    owner   => root,
    group   => root,
    purge   => $_purge['preferences.d'],
    recurse => $_purge['preferences.d'],
    notify  => Class['apt::update'],
  }

  file { 'apt.conf.d':
    ensure  => directory,
    path    => $::apt::apt_conf_d,
    owner   => root,
    group   => root,
    purge   => $_purge['apt.conf.d'],
    recurse => $_purge['apt.conf.d'],
    notify  => Class['apt::update'],
  }

  if $confs {
    create_resources('apt::conf', $confs)
  }
  # manage sources if present
  if $sources {
    create_resources('apt::source', $sources)
  }
  # manage keys if present
  if $keys {
    create_resources('apt::key', $keys)
  }
  # manage ppas if present
  if $ppas {
    create_resources('apt::ppa', $ppas)
  }
  # manage settings if present
  if $settings {
    create_resources('apt::setting', $settings)
  }

  if $manage_auth_conf {
    $auth_conf_ensure = $auth_conf_entries ? {
      []      => 'absent',
      default => 'present',
    }

    $auth_conf_tmp = epp('apt/auth_conf.epp')

    file { '/etc/apt/auth.conf':
      ensure  => $auth_conf_ensure,
      owner   => $auth_conf_owner,
      group   => 'root',
      mode    => '0600',
      content => Sensitive("${confheadertmp}${auth_conf_tmp}"),
      notify  => Class['apt::update'],
    }
  }

  # manage pins if present
  if $pins {
    create_resources('apt::pin', $pins)
  }

  # required for adding GPG keys on Debian 9 (and derivatives)
  ensure_packages(['gnupg'])
}