The apt module automates obtaining and installing software packages on \*nix systems.
-**Note**: While this module allows the use of short keys, **we urge you NOT to use short keys**, as they pose a serious security issue by opening you up to collision attacks.
+**Note**: While this module allows the use of short keys, **warnings are thrown if a full fingerprint is not used**, as they pose a serious security issue by opening you up to collision attacks.
## Setup
```
class { 'apt::unattended_upgrades':
- origins => $::apt::params::origins,
- blacklist => [],
- update => '1',
- download => '1',
- upgrade => '1',
- autoclean => '7',
+ blacklist => [],
+ update => '1',
+ download => '1',
+ upgrade => '1',
+ autoclean => '7',
}
```
release => 'unstable',
repos => 'main contrib non-free',
required_packages => 'debian-keyring debian-archive-keyring',
- key => '8B48AD6246925553',
+ key => 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553',
key_server => 'subkeys.pgp.net',
pin => '-10',
include_src => true,
key: '9AA38DCD55BE302B'
key_server: 'subkeys.pgp.net'
pin: '-10'
- include_src: 'true'
- include_deb: 'true'
+ include_src: true
+ include_deb: true
'puppetlabs':
location: 'http://apt.puppetlabs.com'
####apt::unattended_upgrades
-* `origins`: The repositories from which to automatically upgrade included packages.
-* `blacklist`: A list of packages to **not** automatically upgrade.
-* `update`: How often, in days, to run `apt-get update`.
-* `download`: How often, in days, to run `apt-get upgrade --download-only`.
-* `upgrade`: How often, in days, to upgrade packages included in the origins list.
-* `autoclean`: How often, in days, to run `apt-get autoclean`.
-* `randomsleep`: How long, in seconds, to randomly wait before applying upgrades.
+* `legacy_origin`: If set to true, use the old `Unattended-Upgrade::Allowed-Origins` variable. If false, use `Unattended-Upgrade::Origins-Pattern`. OS-dependent defaults are defined in `apt::params`.
+* `origins`: The repositories from which to automatically upgrade included packages. OS-dependent defaults are defined in `apt::params`. (Usually only security updates are enabled by default)
+* `blacklist`: A list of packages to **not** automatically upgrade. This list is empty by default.
+* `update`: How often, in days, to run `apt-get update`. Defaults to '1'.
+* `download`: How often, in days, to run `apt-get upgrade --download-only`. Defaults to '1'.
+* `upgrade`: How often, in days, to upgrade packages included in the origins list. Defaults to '1'.
+* `autoclean`: How often, in days, to run `apt-get autoclean`. Defaults to '7'.
+* `auto_fix`: Tries to automatically fix interrupted package installations. Defaults to 'true'.
+* `minimal_steps`: Split the upgrade process into sections to allow shutdown during upgrade. Defaults to 'false'.
+* `install_on_shutdown`: Install updates on shutdown instead of in the background. Defaults to 'false'.
+* `mail_to`: Send e-mail to this address about packages upgrades or errors. This is not set by default.
+* `mail_only_on_error`: Send e-mail only in case of error, not on successful upgrade. Defaults to 'false'.
+* `remove_unused`: Removes unused dependencies. Defaults to 'true'.
+* `auto_reboot`: Reboot the system **without confirmation** if an update requires rebooting. Defaults to 'false'.
+* `dl_limit`: Use a bandwidth limit for downloading, specified in kb/sec. This is not set by default.
+* `randomsleep`: How long, in seconds, to randomly wait before applying upgrades. This is not set by default.
####apt::source
It is recommended to read the manpage 'apt_preferences(5)'
+####apt::ppa
+
+* `ensure`: Whether we are adding or removing the PPA. Can be 'present' or 'absent'. Defaults to 'present'.
+* `release`: The codename for the operating system you're running. Defaults to `$lsbdistcodename`. Required if lsb-release is not installed.
+* `options`: Options to be passed to the `apt-add-repository` command. OS-dependent defaults are set in `apt::params`.
+* `package_name`: The package that provides the `apt-add-repository` command. OS-dependent defaults are set in `apt::params`.
+* `package_manage`: Whether or not to manage the package providing `apt-add-repository`. Defaults to true.
+
### Testing
The apt module is mostly a collection of defined resource types, which provide reusable logic for managing Apt. It provides smoke tests for testing functionality on a target system, as well as spec tests for checking a compiled catalog against an expected set of resources.
Code Review / puppet-modules / puppetlabs-apt.git / blobdiff