-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
54ed146
commit df1c357
Showing
7 changed files
with
115 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,9 @@ | ||
# CHANGELOG | ||
|
||
## 0.1.8 | ||
|
||
* added **apt::unattendedupgrades** | ||
|
||
## 0.1.7 | ||
|
||
* added patching related tasks: | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
class apt::unattendedupgrades( | ||
$manage_package = true, | ||
$package_ensure = 'installed', | ||
$manage_service = true, | ||
$manage_docker_service = true, | ||
$service_ensure = 'running', | ||
$service_enable = true, | ||
) inherits apt::params{ | ||
include ::apt | ||
|
||
Class['::apt'] -> | ||
class { '::apt::unattendedupgrades::install': } -> | ||
class { '::apt::unattendedupgrades::config': } -> | ||
Class['::apt::unattendedupgrades'] | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
class apt::unattendedupgrades::config inherits apt { | ||
file { '/etc/apt/apt.conf.d/50unattended-upgrades': | ||
ensure => 'present', | ||
owner => 'root', | ||
group => 'root', | ||
mode => '0644', | ||
content => template("${module_name}/unattended-upgrades/config.erb"), | ||
} | ||
|
||
file { '/etc/apt/apt.conf.d/20auto-upgrades': | ||
ensure => 'present', | ||
owner => 'root', | ||
group => 'root', | ||
mode => '0644', | ||
content => template("${module_name}/unattended-upgrades/auto-upgrades.erb"), | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
class apt::unattendedupgrades::install inherits apt { | ||
if($apt::unattendedupgrades::manage_package) | ||
{ | ||
package { $apt::params::unattendedupgrades_package_name: | ||
ensure => $apt::unattendedupgrades::package_ensure, | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
APT::Periodic::Update-Package-Lists "1"; | ||
APT::Periodic::Download-Upgradeable-Packages "1"; | ||
APT::Periodic::AutocleanInterval "7"; | ||
APT::Periodic::Unattended-Upgrade "1"; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,65 @@ | ||
// Automatically upgrade packages from these (origin:archive) pairs | ||
Unattended-Upgrade::Allowed-Origins { | ||
"${distro_id}:${distro_codename}"; | ||
"${distro_id}:${distro_codename}-security"; | ||
// Extended Security Maintenance; doesn't necessarily exist for | ||
// every release and this system may not have it installed, but if | ||
// available, the policy for updates is such that unattended-upgrades | ||
// should also install from here by default. | ||
"${distro_id}ESM:${distro_codename}"; | ||
"${distro_id}:${distro_codename}-updates"; | ||
// "${distro_id}:${distro_codename}-proposed"; | ||
// "${distro_id}:${distro_codename}-backports"; | ||
}; | ||
|
||
// List of packages to not update (regexp are supported) | ||
Unattended-Upgrade::Package-Blacklist { | ||
// "vim"; | ||
// "libc6"; | ||
// "libc6-dev"; | ||
// "libc6-i686"; | ||
}; | ||
|
||
// This option allows you to control if on a unclean dpkg exit | ||
// unattended-upgrades will automatically run | ||
// dpkg --force-confold --configure -a | ||
// The default is true, to ensure updates keep getting installed | ||
//Unattended-Upgrade::AutoFixInterruptedDpkg "false"; | ||
|
||
// Split the upgrade into the smallest possible chunks so that | ||
// they can be interrupted with SIGUSR1. This makes the upgrade | ||
// a bit slower but it has the benefit that shutdown while a upgrade | ||
// is running is possible (with a small delay) | ||
//Unattended-Upgrade::MinimalSteps "true"; | ||
|
||
// Install all unattended-upgrades when the machine is shuting down | ||
// instead of doing it in the background while the machine is running | ||
// This will (obviously) make shutdown slower | ||
//Unattended-Upgrade::InstallOnShutdown "true"; | ||
|
||
// Send email to this address for problems or packages upgrades | ||
// If empty or unset then no email is sent, make sure that you | ||
// have a working mail setup on your system. A package that provides | ||
// 'mailx' must be installed. E.g. "[email protected]" | ||
//Unattended-Upgrade::Mail "root"; | ||
|
||
// Set this value to "true" to get emails only on errors. Default | ||
// is to always send a mail if Unattended-Upgrade::Mail is set | ||
//Unattended-Upgrade::MailOnlyOnError "true"; | ||
|
||
// Do automatic removal of new unused dependencies after the upgrade | ||
// (equivalent to apt-get autoremove) | ||
Unattended-Upgrade::Remove-Unused-Dependencies "true"; | ||
|
||
// Automatically reboot *WITHOUT CONFIRMATION* | ||
// if the file /var/run/reboot-required is found after the upgrade | ||
//Unattended-Upgrade::Automatic-Reboot "false"; | ||
|
||
// If automatic reboot is enabled and needed, reboot at the specific | ||
// time instead of immediately | ||
// Default: "now" | ||
//Unattended-Upgrade::Automatic-Reboot-Time "02:00"; | ||
|
||
// Use apt bandwidth limit feature, this example limits the download | ||
// speed to 70kb/sec | ||
//Acquire::http::Dl-Limit "70"; |