From e69713f7d490e43797ef83b604553b3bdd10cdff Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Sat, 7 Apr 2012 11:15:42 +0000
Subject: [PATCH] Remove old backports.org key from apt-keyring

---
 modules/debian-org/manifests/init.pp          |  9 +++-
 ...list.erb => backports.debian.org.list.erb} |  0
 modules/site/manifests/aptrepo.pp             | 50 +++++++++++++------
 3 files changed, 42 insertions(+), 17 deletions(-)
 rename modules/debian-org/templates/etc/apt/sources.list.d/{backports.org.list.erb => backports.debian.org.list.erb} (100%)

diff --git a/modules/debian-org/manifests/init.pp b/modules/debian-org/manifests/init.pp
index 461f0a428..369aade3d 100644
--- a/modules/debian-org/manifests/init.pp
+++ b/modules/debian-org/manifests/init.pp
@@ -64,13 +64,18 @@ class debian-org {
 		site::aptrepo { 'security':
 			template => 'debian-org/etc/apt/sources.list.d/security.list.erb',
 		}
-		site::aptrepo { 'backports.org':
-			template => 'debian-org/etc/apt/sources.list.d/backports.org.list.erb',
+		site::aptrepo { 'backports.debian.org':
+			template => 'debian-org/etc/apt/sources.list.d/backports.debian.org.list.erb',
 		}
 		site::aptrepo { 'volatile':
 			template => 'debian-org/etc/apt/sources.list.d/volatile.list.erb',
 		}
 	}
+	site::aptrepo { 'backports.org':
+		ensure => absent,
+		keyid => '16BA136C',
+		key => 'puppet:///modules/debian-org/backports.org.asc',
+	}
 
 	site::aptrepo { 'debian.org':
 		ensure => absent,
diff --git a/modules/debian-org/templates/etc/apt/sources.list.d/backports.org.list.erb b/modules/debian-org/templates/etc/apt/sources.list.d/backports.debian.org.list.erb
similarity index 100%
rename from modules/debian-org/templates/etc/apt/sources.list.d/backports.org.list.erb
rename to modules/debian-org/templates/etc/apt/sources.list.d/backports.debian.org.list.erb
diff --git a/modules/site/manifests/aptrepo.pp b/modules/site/manifests/aptrepo.pp
index 79d1a59c6..ae66d6f21 100644
--- a/modules/site/manifests/aptrepo.pp
+++ b/modules/site/manifests/aptrepo.pp
@@ -1,21 +1,41 @@
-define site::aptrepo ($key = undef, $template = undef, $config = undef, $ensure = present) {
+define site::aptrepo ($key = undef, $keyid = undef, $template = undef, $config = undef, $ensure = present) {
 
-	if $key {
-		exec { "apt-key-update-${name}":
-			command     => "apt-key add /etc/apt/trusted-keys.d/${name}.asc",
-			refreshonly => true,
-		}
-
-		file { "/etc/apt/trusted-keys.d/${name}.asc":
-			source => $key,
-			mode   => '0664',
-			notify => Exec["apt-key-update-${name}"]
-		}
-	}
 
 	case $ensure {
-		present: {}
-		absent:  {}
+		present: {
+			if $key {
+				exec { "apt-key-update-${name}":
+					command     => "apt-key add /etc/apt/trusted-keys.d/${name}.asc",
+					refreshonly => true,
+				}
+
+				file { "/etc/apt/trusted-keys.d/${name}.asc":
+					source => $key,
+					mode   => '0664',
+					notify => Exec["apt-key-update-${name}"]
+				}
+			}
+		}
+		absent:  {
+			if ($keyid) and ($key) {
+				file { "/etc/apt/trusted-keys.d/${name}.asc":
+					ensure => absent,
+					notify => Exec["apt-key-del-${keyid}"]
+				}
+				exec { "apt-key-del-${keyid}":
+					command     => "apt-key del ${keyid}",
+					refreshonly => true,
+				}
+			} elsif $key {
+				file { "/etc/apt/trusted-keys.d/${name}.asc":
+					ensure => absent,
+				}
+			} elsif $keyid {
+				exec { "apt-key-del-${keyid}":
+					command     => "apt-key del ${keyid}",
+				}
+			}
+		}
 		default: { fail ( "Unknown ensure value: '$ensure'" ) }
 	}
 
-- 
2.20.1