1 # @summary Main class, includes all other classes.
3 # @see https://docs.puppetlabs.com/references/latest/function.html#createresources for the create resource function
6 # Specifies the provider that should be used by apt::update.
9 # Specifies a keyserver to provide the GPG key. Valid options: a string containing a domain name or a full URL (http://, https://, or
13 # Supplies options to be passed to the `add-apt-repository` command.
16 # Names the package that provides the `apt-add-repository` command.
19 # Specifies some of the default parameters used by apt::backports. Valid options: a hash made up from the following keys:
21 # @option backports [String] :location
22 # See apt::backports for documentation.
24 # @option backports [String] :repos
25 # See apt::backports for documentation.
27 # @option backports [String] :key
28 # See apt::backports for documentation.
31 # Creates new `apt::conf` resources. Valid options: a hash to be passed to the create_resources function linked above.
34 # Configures various update settings. Valid options: a hash made up from the following keys:
36 # @option update [String] :frequency
37 # Specifies how often to run `apt-get update`. If the exec resource `apt_update` is notified, `apt-get update` runs regardless of this value.
38 # Valid options: 'always' (at every Puppet run); 'daily' (if the value of `apt_update_last_success` is less than current epoch time minus 86400);
39 # 'weekly' (if the value of `apt_update_last_success` is less than current epoch time minus 604800); and 'reluctantly' (only if the exec resource
40 # `apt_update` is notified). Default: 'reluctantly'.
42 # @option update [Integer] :loglevel
43 # Specifies the log level of logs outputted to the console. Default: undef.
45 # @option update [Integer] :timeout
46 # Specifies how long to wait for the update to complete before canceling it. Valid options: an integer, in seconds. Default: undef.
48 # @option update [Integer] :tries
49 # Specifies how many times to retry the update after receiving a DNS or HTTP error. Default: undef.
52 # Specifies whether to purge any existing settings that aren't managed by Puppet. Valid options: a hash made up from the following keys:
54 # @option purge [Boolean] :sources.list
55 # Specifies whether to purge any unmanaged entries from sources.list. Default false.
57 # @option purge [Boolean] :sources.list.d
58 # Specifies whether to purge any unmanaged entries from sources.list.d. Default false.
60 # @option purge [Boolean] :preferences
61 # Specifies whether to purge any unmanaged entries from preferences. Default false.
63 # @option purge [Boolean] :preferences.d.
64 # Specifies whether to purge any unmanaged entries from preferences.d. Default false.
67 # Configures Apt to connect to a proxy server. Valid options: a hash matching the locally defined type apt::proxy.
70 # Creates new `apt::source` resources. Valid options: a hash to be passed to the create_resources function linked above.
73 # Creates new `apt::key` resources. Valid options: a hash to be passed to the create_resources function linked above.
76 # Creates new `apt::ppa` resources. Valid options: a hash to be passed to the create_resources function linked above.
79 # Creates new `apt::pin` resources. Valid options: a hash to be passed to the create_resources function linked above.
82 # Creates new `apt::setting` resources. Valid options: a hash to be passed to the create_resources function linked above.
84 # @param manage_auth_conf
85 # Specifies whether to manage the /etc/apt/auth.conf file. When true, the file will be overwritten with the entries specified in
86 # the auth_conf_entries parameter. When false, the file will be ignored (note that this does not set the file to absent.
88 # @param auth_conf_entries
89 # An optional array of login configuration settings (hashes) that are recorded in the file /etc/apt/auth.conf. This file has a netrc-like
90 # format (similar to what curl uses) and contains the login configuration for APT sources and proxies that require authentication. See
91 # https://manpages.debian.org/testing/apt/apt_auth.conf.5.en.html for details. If specified each hash must contain the keys machine, login and
92 # password and no others. Specifying manage_auth_conf and not specifying this parameter will set /etc/apt/auth.conf to absent.
94 # @param auth_conf_owner
95 # The owner of the file /etc/apt/auth.conf. Default: '_apt' or 'root' on old releases.
98 # Specifies root directory of Apt executable.
100 # @param sources_list
101 # Specifies the path of the sources_list file to use.
103 # @param sources_list_d
104 # Specifies the path of the sources_list.d file to use.
107 # Specifies the path of the conf.d file to use.
110 # Specifies the path of the preferences file to use.
112 # @param preferences_d
113 # Specifies the path of the preferences.d file to use.
115 # @param config_files
116 # A hash made up of the various configuration files used by Apt.
119 Hash $update_defaults = $apt::params::update_defaults,
120 Hash $purge_defaults = $apt::params::purge_defaults,
121 Hash $proxy_defaults = $apt::params::proxy_defaults,
122 Hash $include_defaults = $apt::params::include_defaults,
123 String $provider = $apt::params::provider,
124 String $keyserver = $apt::params::keyserver,
125 Optional[String] $ppa_options = $apt::params::ppa_options,
126 Optional[String] $ppa_package = $apt::params::ppa_package,
127 Optional[Hash] $backports = $apt::params::backports,
128 Hash $confs = $apt::params::confs,
129 Hash $update = $apt::params::update,
130 Hash $purge = $apt::params::purge,
131 Apt::Proxy $proxy = $apt::params::proxy,
132 Hash $sources = $apt::params::sources,
133 Hash $keys = $apt::params::keys,
134 Hash $ppas = $apt::params::ppas,
135 Hash $pins = $apt::params::pins,
136 Hash $settings = $apt::params::settings,
137 Boolean $manage_auth_conf = $apt::params::manage_auth_conf,
138 Array[Apt::Auth_conf_entry]
139 $auth_conf_entries = $apt::params::auth_conf_entries,
140 String $auth_conf_owner = $apt::params::auth_conf_owner,
141 String $root = $apt::params::root,
142 String $sources_list = $apt::params::sources_list,
143 String $sources_list_d = $apt::params::sources_list_d,
144 String $conf_d = $apt::params::conf_d,
145 String $preferences = $apt::params::preferences,
146 String $preferences_d = $apt::params::preferences_d,
147 String $apt_conf_d = $apt::params::apt_conf_d,
148 Hash $config_files = $apt::params::config_files,
149 Hash $source_key_defaults = $apt::params::source_key_defaults,
150 ) inherits apt::params {
152 if $facts['osfamily'] != 'Debian' {
153 fail(translate('This module only works on Debian or derivatives like Ubuntu'))
156 if $update['frequency'] {
158 Enum['always','daily','weekly','reluctantly'],
159 $update['frequency'],
162 if $update['timeout'] {
163 assert_type(Integer, $update['timeout'])
165 if $update['tries'] {
166 assert_type(Integer, $update['tries'])
169 $_update = merge($::apt::update_defaults, $update)
170 include ::apt::update
172 if $purge['sources.list'] {
173 assert_type(Boolean, $purge['sources.list'])
175 if $purge['sources.list.d'] {
176 assert_type(Boolean, $purge['sources.list.d'])
178 if $purge['preferences'] {
179 assert_type(Boolean, $purge['preferences'])
181 if $purge['preferences.d'] {
182 assert_type(Boolean, $purge['preferences.d'])
184 if $purge['apt.conf.d'] {
185 assert_type(Boolean, $purge['apt.conf.d'])
188 $_purge = merge($::apt::purge_defaults, $purge)
189 $_proxy = merge($apt::proxy_defaults, $proxy)
191 $confheadertmp = epp('apt/_conf_header.epp')
192 $proxytmp = epp('apt/proxy.epp', {'proxies' => $_proxy})
193 $updatestamptmp = epp('apt/15update-stamp.epp')
195 if $_proxy['ensure'] == 'absent' or $_proxy['host'] {
196 apt::setting { 'conf-proxy':
197 ensure => $_proxy['ensure'],
199 content => "${confheadertmp}${proxytmp}",
203 $sources_list_content = $_purge['sources.list'] ? {
204 true => "# Repos managed by puppet.\n",
208 $preferences_ensure = $_purge['preferences'] ? {
213 if $_update['frequency'] == 'always' {
214 Exec <| title=='apt_update' |> {
215 refreshonly => false,
219 apt::setting { 'conf-update-stamp':
221 content => "${confheadertmp}${updatestamptmp}",
224 file { 'sources.list':
226 path => $::apt::sources_list,
230 content => $sources_list_content,
231 notify => Class['apt::update'],
234 file { 'sources.list.d':
236 path => $::apt::sources_list_d,
240 purge => $_purge['sources.list.d'],
241 recurse => $_purge['sources.list.d'],
242 notify => Class['apt::update'],
245 file { 'preferences':
246 ensure => $preferences_ensure,
247 path => $::apt::preferences,
251 notify => Class['apt::update'],
254 file { 'preferences.d':
256 path => $::apt::preferences_d,
260 purge => $_purge['preferences.d'],
261 recurse => $_purge['preferences.d'],
262 notify => Class['apt::update'],
267 path => $::apt::apt_conf_d,
271 purge => $_purge['apt.conf.d'],
272 recurse => $_purge['apt.conf.d'],
273 notify => Class['apt::update'],
277 create_resources('apt::conf', $confs)
279 # manage sources if present
281 create_resources('apt::source', $sources)
283 # manage keys if present
285 create_resources('apt::key', $keys)
287 # manage ppas if present
289 create_resources('apt::ppa', $ppas)
291 # manage settings if present
293 create_resources('apt::setting', $settings)
296 if $manage_auth_conf {
297 $auth_conf_ensure = $auth_conf_entries ? {
299 default => 'present',
302 $auth_conf_tmp = epp('apt/auth_conf.epp')
304 file { '/etc/apt/auth.conf':
305 ensure => $auth_conf_ensure,
306 owner => $auth_conf_owner,
309 content => "${confheadertmp}${auth_conf_tmp}",
310 notify => Class['apt::update'],
314 # manage pins if present
316 create_resources('apt::pin', $pins)
319 # required for adding GPG keys on Debian 9 (and derivatives)
320 ensure_packages(['dirmngr'])