Note that exim contains tracker-specific configuration

[mirror/dsa-puppet.git] / modules / schroot / files / setup-dchroot

diff --git a/modules/schroot/files/setup-dchroot b/modules/schroot/files/setup-dchroot
index 2d55920..7f372fe 100755 (executable)
--- a/modules/schroot/files/setup-dchroot
+++ b/modules/schroot/files/setup-dchroot
@@ -184,7 +184,8 @@ arch="$THISARCH"
 if [ -e /etc/schroot/dsa/default-mirror ]; then
     mirror=$(cat /etc/schroot/dsa/default-mirror )
 fi
-mirror="${mirror:-http://ftp.debian.org/debian}"
+mirror="${mirror:-https://deb.debian.org/debian}"
+smirror="https://deb.debian.org/debian-security"
 configonly=""
 force=""
 basedir="/srv/chroot"
@@ -195,7 +196,7 @@ sbuildnames=""
 ubuntu=""
 groupuser="Debian,guest,d-i"
 grouproot=""
-include="apt,fakeroot"
+include="apt,fakeroot,ca-certificates"
 users=""
 usersroot=""
 bare=""
@@ -352,8 +353,17 @@ case "$suite" in
     ;;
 esac
 
+bindir=$(mktemp -d)
+cleanup+=("rm -r $bindir")
+cat > "$bindir/wget" << 'EOF'
+#!/bin/sh
+exec /usr/bin/wget --ca-directory=/etc/ssl/ca-global "$@"
+EOF
+chmod +x "$bindir/wget"
+
 set -x
-debootstrap \
+PATH="$bindir:$PATH" \
+  debootstrap \
     --keyring "$keyring" \
     --include="$include" \
     --variant=buildd \
@@ -397,15 +407,24 @@ while true; do
 done
 EOF
 chmod +x "$rootdir/usr/local/sbin/policy-rc.d"
-[ -z "$bare" ] && [ -z "$ubuntu" ] && chroot "$rootdir" apt-get install -y --no-install-recommends locales-all
-chroot "$rootdir" apt-get install -y --no-install-recommends build-essential
-[ -z "$bare" ] && chroot "$rootdir" apt-get install -y --no-install-recommends zsh less vim fakeroot devscripts gdb
+
+case "$suite" in
+  jessie) # LTS updates
+    echo "deb ${smirror} ${suite}/updates main" >> "$rootdir/etc/apt/sources.list"
+    chroot "$rootdir" apt-get update
+    chroot "$rootdir" apt-get dist-upgrade -y
+    ;;
+esac
 if [ -n "$ubuntu" ]; then
   echo "deb $mirror ${suite}-updates main" >> "$rootdir/etc/apt/sources.list"
   echo "deb $mirror ${suite}-security main" >> "$rootdir/etc/apt/sources.list"
   chroot "$rootdir" apt-get update
   chroot "$rootdir" apt-get dist-upgrade -y
 fi
+
+[ -z "$bare" ] && [ -z "$ubuntu" ] && chroot "$rootdir" apt-get install -y --no-install-recommends locales-all
+chroot "$rootdir" apt-get install -y --no-install-recommends build-essential
+[ -z "$bare" ] && chroot "$rootdir" apt-get install -y --no-install-recommends zsh less vim fakeroot devscripts gdb
 rm -f "$rootdir/etc/apt/sources.list" "$rootdir/etc/apt/sources.list.d/*"
 chroot "$rootdir" apt-get clean
 umount "$rootdir/dev" 2>/dev/null || true