projects / mirror / dsa-puppet.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Now -backports or -updates for jessie
[mirror/dsa-puppet.git] / modules / debian_org / manifests / apt.pp
1 # == Class: debian_org
2 #
3 # Stuff common to all debian.org servers
4 #
5 class debian_org::apt {
6         if versioncmp($::lsbmajdistrelease, '8') <= 0 {
7                 $fallbackmirror = 'http://cdn-fastly.deb.debian.org/debian/'
8         } else {
9                 $fallbackmirror = 'http://deb.debian.org/debian/'
10         }
11
12         if getfromhash($site::nodeinfo, 'hoster', 'mirror-debian') {
13                 $mirror = [ getfromhash($site::nodeinfo, 'hoster', 'mirror-debian'), $fallbackmirror ]
14         } else {
15                 $mirror = [ $fallbackmirror ]
16         }
17
18         # jessie
19         if versioncmp($::lsbmajdistrelease, '8') <= 0 {
20                 site::aptrepo { 'debian':
21                         url        => $mirror,
22                         suite      => [ $::lsbdistcodename ],
23                         components => ['main','contrib','non-free']
24                 }
25         # stretch
26         } elsif versioncmp($::lsbmajdistrelease, '9') <= 0 {
27                 site::aptrepo { 'debian':
28                         url        => $mirror,
29                         suite      => [ $::lsbdistcodename, "${::lsbdistcodename}-backports", "${::lsbdistcodename}-updates" ],
30                         components => ['main','contrib','non-free']
31                 }
32         # buster or newer
33         } else {
34                 site::aptrepo { 'debian':
35                         url        => $mirror,
36                         suite      => [ $::lsbdistcodename, "${::lsbdistcodename}-updates" ],
37                         components => ['main','contrib','non-free']
38                 }
39         }
40
41         if versioncmp($::lsbmajdistrelease, '8') <= 0 {
42                 site::aptrepo { 'security':
43                         url        => [ 'http://security-cdn.debian.org/', 'http://security.debian.org/' ],
44                         suite      => "${::lsbdistcodename}/updates",
45                         components => ['main','contrib','non-free']
46                 }
47         } else {
48                 site::aptrepo { 'security':
49                         url        => [ 'http://security.debian.org/' ],
50                         suite      => "${::lsbdistcodename}/updates",
51                         components => ['main','contrib','non-free']
52                 }
53         }
54
55         # ca-certificates is installed by the ssl module
56         if versioncmp($::lsbmajdistrelease, '9') <= 0 {
57                 package { 'apt-transport-https':
58                         ensure => installed,
59                 }
60         } else {
61                 # transitional package in buster
62                 package { 'apt-transport-https':
63                         ensure => purged,
64                 }
65         }
66         $dbdosuites = [ 'debian-all', $::lsbdistcodename ]
67         site::aptrepo { 'db.debian.org':
68                 url        => 'https://db.debian.org/debian-admin',
69                 suite      => $dbdosuites,
70                 components => 'main',
71                 key        => 'puppet:///modules/debian_org/db.debian.org.gpg',
72         }
73
74         if ($::hostname in []) {
75                 site::aptrepo { 'proposed-updates':
76                         url        => $mirror,
77                         suite      => "${::lsbdistcodename}-proposed-updates",
78                         components => ['main','contrib','non-free']
79                 }
80         } else {
81                 site::aptrepo { 'proposed-updates':
82                         ensure => absent,
83                 }
84         }
85
86         site::aptrepo { 'debian-cdn':
87                 ensure => absent,
88         }
89         site::aptrepo { 'debian.org':
90                 ensure => absent,
91         }
92         site::aptrepo { 'debian2':
93                 ensure => absent,
94         }
95         site::aptrepo { 'backports2.debian.org':
96                 ensure => absent,
97         }
98         site::aptrepo { 'backports.debian.org':
99                 ensure => absent,
100         }
101         site::aptrepo { 'volatile':
102                 ensure => absent,
103         }
104         site::aptrepo { 'db.debian.org-suite':
105                 ensure => absent,
106         }
107         site::aptrepo { 'debian-lts':
108                 ensure => absent,
109         }
110
111
112
113
114         file { '/etc/apt/trusted-keys.d':
115                 ensure => absent,
116                 force  => true,
117         }
118
119         file { '/etc/apt/trusted.gpg':
120                 mode    => '0600',
121                 content => "",
122         }
123
124         file { '/etc/apt/preferences':
125                 source => 'puppet:///modules/debian_org/apt.preferences',
126         }
127         file { '/etc/apt/apt.conf.d/local-compression':
128                 source => 'puppet:///modules/debian_org/apt.conf.d/local-compression',
129         }
130         file { '/etc/apt/apt.conf.d/local-recommends':
131                 source => 'puppet:///modules/debian_org/apt.conf.d/local-recommends',
132         }
133         file { '/etc/apt/apt.conf.d/local-pdiffs':
134                 source => 'puppet:///modules/debian_org/apt.conf.d/local-pdiffs',
135         }
136         file { '/etc/apt/apt.conf.d/local-langs':
137                 source => 'puppet:///modules/debian_org/apt.conf.d/local-langs',
138         }
139         file { '/etc/apt/apt.conf.d/local-cainfo':
140                 source => 'puppet:///modules/debian_org/apt.conf.d/local-cainfo',
141         }
142
143         exec { 'apt-get update':
144                 path    => '/usr/bin:/usr/sbin:/bin:/sbin',
145                 onlyif  => '/usr/local/bin/check_for_updates',
146                 require => File['/usr/local/bin/check_for_updates']
147         }
148         Exec['apt-get update']->Package<| tag == extra_repo |>
149 }
Unnamed repository; edit this file 'description' to name the repository.