# repos => 'main',
# key => {
# id => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
-# server => 'hkps.pool.sks-keyservers.net',
+# server => 'keyserver.ubuntu.com',
# },
# }
#
#
# @param key
# Creates a declaration of the apt::key defined type. Valid options: a string to be passed to the `id` parameter of the `apt::key`
-# defined type, or a hash of `parameter => value` pairs to be passed to `apt::key`'s `id`, `server`, `content`, `source`, and/or
-# `options` parameters.
+# defined type, or a hash of `parameter => value` pairs to be passed to `apt::key`'s `id`, `server`, `content`, `source`, `weak_ssl`,
+# and/or `options` parameters.
+#
+# @param keyring
+# Absolute path to a file containing the PGP keyring used to sign this repository. Value is used to set signed-by on the source entry.
+# See https://wiki.debian.org/DebianRepository/UseThirdParty for details.
#
# @param pin
# Creates a declaration of the apt::pin defined type. Valid options: a number or string to be passed to the `id` parameter of the
# @param notify_update
# Specifies whether to trigger an `apt-get update` run.
#
-define apt::source(
+define apt::source (
Optional[String] $location = undef,
String $comment = $name,
String $ensure = present,
Optional[String] $release = undef,
String $repos = 'main',
- Optional[Variant[Hash]] $include = {},
+ Variant[Hash] $include = {},
Optional[Variant[String, Hash]] $key = undef,
+ Optional[Stdlib::AbsolutePath] $keyring = undef,
Optional[Variant[Hash, Numeric, String]] $pin = undef,
Optional[String] $architecture = undef,
Boolean $allow_unsigned = false,
+ Boolean $allow_insecure = false,
Boolean $notify_update = true,
) {
-
include ::apt
$_before = Apt::Setting["list-${title}"]
if !$release {
- if $facts['lsbdistcodename'] {
- $_release = $facts['lsbdistcodename']
+ if fact('os.distro.codename') {
+ $_release = fact('os.distro.codename')
} else {
- fail(translate('lsbdistcodename fact not available: release parameter required'))
+ fail('os.distro.codename fact not available: release parameter required')
}
} else {
$_release = $release
if $ensure == 'present' {
if ! $location {
- fail(translate('cannot create a source entry without specifying a location'))
+ fail('cannot create a source entry without specifying a location')
}
elsif ($::apt::proxy['https_acng']) and ($location =~ /(?i:^https:\/\/)/) {
$_location = regsubst($location, 'https://','http://HTTPS///')
$_location = $location
}
# Newer oses, do not need the package for HTTPS transport.
- $_transport_https_releases = [ 'wheezy', 'jessie', 'stretch', 'trusty', 'xenial' ]
- if ($facts['lsbdistcodename'] in $_transport_https_releases) and $_location =~ /(?i:^https:\/\/)/ {
+ $_transport_https_releases = ['9']
+ if (fact('os.release.major') in $_transport_https_releases) and $_location =~ /(?i:^https:\/\/)/ {
ensure_packages('apt-transport-https')
+ Package['apt-transport-https'] -> Class['apt::update']
}
} else {
$_location = undef
$includes = merge($::apt::include_defaults, $include)
+ if $key and $keyring {
+ fail('parameters key and keyring are mutualy exclusive')
+ }
+
if $key {
if $key =~ Hash {
unless $key['id'] {
- fail(translate('key hash must contain at least an id entry'))
+ fail('key hash must contain at least an id entry')
}
$_key = merge($::apt::source_key_defaults, $key)
} else {
$header = epp('apt/_header.epp')
+ if $architecture {
+ $_architecture = regsubst($architecture, '\baarch64\b', 'arm64')
+ } else {
+ $_architecture = undef
+ }
+
$sourcelist = epp('apt/source.list.epp', {
'comment' => $comment,
'includes' => $includes,
- 'opt_architecture' => $architecture,
- 'allow_unsigned' => $allow_unsigned,
+ 'options' => delete_undef_values( {
+ 'arch' => $architecture,
+ 'trusted' => $allow_unsigned ? { true => 'yes', false => undef },
+ 'allow-insecure' => $allow_insecure ? { true => 'yes', false => undef },
+ 'signed-by' => $keyring,
+ },
+ ),
'location' => $_location,
'release' => $_release,
'repos' => $repos,
'origin' => $host,
}
} else {
- fail(translate('Received invalid value for pin parameter'))
+ fail('Received invalid value for pin parameter')
}
create_resources('apt::pin', { "${name}" => $_pin })
}
}
apt::key { "Add key: ${$_key['id']} from Apt::Source ${title}":
- ensure => $_ensure,
- id => $_key['id'],
- server => $_key['server'],
- content => $_key['content'],
- source => $_key['source'],
- options => $_key['options'],
- before => $_before,
+ ensure => $_ensure,
+ id => $_key['id'],
+ server => $_key['server'],
+ content => $_key['content'],
+ source => $_key['source'],
+ options => $_key['options'],
+ weak_ssl => $_key['weak_ssl'],
+ before => $_before,
}
}
}