+++ /dev/null
-# Class: apt::unattended_upgrades
-#
-# This class manages the unattended-upgrades package and related configuration
-# files for ubuntu
-#
-# origins are the repositories to automatically upgrade included packages
-# blacklist is a list of packages to not automatically upgrade
-# update is how often to run "apt-get update" in days
-# download is how often to run "apt-get upgrade --download-only" in days
-# upgrade is how often to upgrade packages included in the origins list in days
-# autoclean is how often to run "apt-get autoclean" in days
-#
-# information on the other options can be found in the 50unattended-upgrades
-# file and in /etc/cron.daily/apt
-#
-class apt::unattended_upgrades (
- $origins = $::apt::params::origins,
- $blacklist = [],
- $update = '1',
- $download = '1',
- $upgrade = '1',
- $autoclean = '7',
- $auto_fix = true,
- $minimal_steps = false,
- $install_on_shutdown = false,
- $mail_to = 'NONE',
- $mail_only_on_error = false,
- $remove_unused = true,
- $auto_reboot = false,
- $dl_limit = 'NONE',
- $randomsleep = undef,
- $enable = '1',
- $backup_interval = '0',
- $backup_level = '3',
- $max_age = '0',
- $min_age = '0',
- $max_size = '0',
- $download_delta = '0',
- $verbose = '0',
-) inherits ::apt::params {
-
- validate_bool(
- $auto_fix,
- $minimal_steps,
- $install_on_shutdown,
- $mail_only_on_error,
- $remove_unused,
- $auto_reboot
- )
- validate_array($origins)
-
- if $randomsleep {
- unless is_numeric($randomsleep) {
- fail('randomsleep must be numeric')
- }
- }
-
- package { 'unattended-upgrades':
- ensure => present,
- }
-
- file { '/etc/apt/apt.conf.d/50unattended-upgrades':
- ensure => file,
- owner => 'root',
- group => 'root',
- mode => '0644',
- content => template('apt/_header.erb', 'apt/50unattended-upgrades.erb'),
- require => Package['unattended-upgrades'],
- }
-
- file { '/etc/apt/apt.conf.d/10periodic':
- ensure => file,
- owner => 'root',
- group => 'root',
- mode => '0644',
- content => template('apt/_header.erb', 'apt/10periodic.erb'),
- require => Package['unattended-upgrades'],
- }
-}
+++ /dev/null
-require 'spec_helper'
-describe 'apt::unattended_upgrades', :type => :class do
- let(:file_unattended) { '/etc/apt/apt.conf.d/50unattended-upgrades' }
- let(:file_periodic) { '/etc/apt/apt.conf.d/10periodic' }
- let(:facts) { { :lsbdistid => 'Debian', :osfamily => 'Debian' } }
-
- it { should contain_package("unattended-upgrades") }
-
- it {
- should create_file("/etc/apt/apt.conf.d/50unattended-upgrades").with({
- "owner" => "root",
- "group" => "root",
- "mode" => "0644",
- "require" => "Package[unattended-upgrades]",
- })
- }
-
- it {
- should create_file("/etc/apt/apt.conf.d/10periodic").with({
- "owner" => "root",
- "group" => "root",
- "mode" => "0644",
- "require" => "Package[unattended-upgrades]",
- })
- }
-
- describe 'failing' do
- let :facts do
- {
- 'lsbdistid' => 'debian',
- 'lsbdistcodename' => 'squeeze',
- 'osfamily' => 'Debian',
- }
- end
- context 'bad auto_fix' do
- let :params do
- {
- 'auto_fix' => 'foo',
- }
- end
- it { expect { should raise_error(Puppet::Error) } }
- end
-
- context 'bad minimal_steps' do
- let :params do
- {
- 'minimal_steps' => 'foo',
- }
- end
- it { expect { should raise_error(Puppet::Error) } }
- end
-
- context 'bad install_on_shutdown' do
- let :params do
- {
- 'install_on_shutdown' => 'foo',
- }
- end
- it { expect { should raise_error(Puppet::Error) } }
- end
-
- context 'bad mail_only_on_error' do
- let :params do
- {
- 'mail_only_on_error' => 'foo',
- }
- end
- it { expect { should raise_error(Puppet::Error) } }
- end
-
- context 'bad remove_unused' do
- let :params do
- {
- 'remove_unused' => 'foo',
- }
- end
- it { expect { should raise_error(Puppet::Error) } }
- end
-
- context 'bad auto_reboot' do
- let :params do
- {
- 'auto_reboot' => 'foo',
- }
- end
- it { expect { should raise_error(Puppet::Error) } }
- end
-
- context 'bad origins' do
- let :params do
- {
- 'origins' => 'foo'
- }
- end
- it { expect { should raise_error(Puppet::Error) } }
- end
-
- context 'bad randomsleep' do
- let :params do
- {
- 'randomsleep' => '4ever'
- }
- end
- it { expect { should raise_error(Puppet::Error) } }
- end
- end
-
- context 'defaults' do
- let :facts do
- {
- 'lsbdistid' => 'debian',
- 'lsbdistcodename' => 'squeeze',
- 'osfamily' => 'Debian',
- }
- end
-
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Unattended-Upgrade::Allowed-Origins \{\n\t"\${distro_id} oldstable";\n\t"\${distro_id} \${distro_codename}-security";\n\t"\${distro_id} \${distro_codename}-lts";\n\};} }
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Unattended-Upgrade::AutoFixInterruptedDpkg "true";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Unattended-Upgrade::MinimalSteps "false";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Unattended-Upgrade::InstallOnShutdown "false";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Unattended-Upgrade::Remove-Unused-Dependencies "true";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Unattended-Upgrade::Automatic-Reboot "false";}}
-
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::Enable "1";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::BackUpArchiveInterval "0";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::BackUpLevel "3";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::MaxAge "0";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::MinAge "0";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::MaxSize "0";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::Update-Package-Lists "1";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::Download-Upgradeable-Packages "1";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::Download-Upgradeable-Packages-Debdelta "0";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::Unattended-Upgrade "1";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::AutocleanInterval "7";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::Verbose "0";}}
- it { is_expected.to_not contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::RandomSleep}}
- end
-
- context 'wheezy' do
- let :facts do
- {
- 'lsbdistid' => 'debian',
- 'lsbdistcodename' => 'wheezy',
- 'osfamily' => 'Debian',
- }
- end
-
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Unattended-Upgrade::Origins-Pattern \{\n\t"origin=Debian,archive=stable,label=Debian-Security";\n\t"origin=Debian,archive=oldstable,label=Debian-Security";\n\};} }
- end
-
- context 'anything but defaults' do
- let :facts do
- {
- 'lsbdistid' => 'debian',
- 'lsbdistcodename' => 'wheezy',
- 'osfamily' => 'Debian',
- }
- end
-
- let :params do
- {
- 'enable' => '0',
- 'backup_interval' => '3',
- 'backup_level' => '1',
- 'max_age' => '7',
- 'min_age' => '1',
- 'max_size' => '100',
- 'update' => '0',
- 'download' => '0',
- 'download_delta' => '1',
- 'upgrade' => '0',
- 'autoclean' => '0',
- 'verbose' => '1',
- 'origins' => ['bananas'],
- 'blacklist' => ['foo', 'bar'],
- 'auto_fix' => false,
- 'minimal_steps' => true,
- 'install_on_shutdown' => true,
- 'mail_to' => 'root@localhost',
- 'mail_only_on_error' => true,
- 'remove_unused' => false,
- 'auto_reboot' => true,
- 'dl_limit' => '70',
- 'randomsleep' => '1799',
- }
- end
-
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Unattended-Upgrade::Origins-Pattern \{\n\t"bananas";\n\};} }
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Unattended-Upgrade::Package-Blacklist \{\n\t"foo";\n\t"bar";\n\};} }
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Unattended-Upgrade::AutoFixInterruptedDpkg "false";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Unattended-Upgrade::MinimalSteps "true";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Unattended-Upgrade::InstallOnShutdown "true";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Unattended-Upgrade::Mail "root@localhost";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Unattended-Upgrade::MailOnlyOnError "true";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Unattended-Upgrade::Remove-Unused-Dependencies "false";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Unattended-Upgrade::Automatic-Reboot "true";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/50unattended-upgrades").with_content %r{Acquire::http::Dl-Limit "70";}}
-
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::Enable "0";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::BackUpArchiveInterval "3";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::BackUpLevel "1";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::MaxAge "7";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::MinAge "1";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::MaxSize "100";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::Update-Package-Lists "0";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::Download-Upgradeable-Packages "0";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::Download-Upgradeable-Packages-Debdelta "1";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::Unattended-Upgrade "0";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::AutocleanInterval "0";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::Verbose "1";}}
- it { is_expected.to contain_file("/etc/apt/apt.conf.d/10periodic").with_content %r{APT::Periodic::RandomSleep "1799";}}
-
- end
-end
+++ /dev/null
-// Automatically upgrade packages from these (origin:archive) pairs
-<%- if @legacy_origin -%>
-Unattended-Upgrade::Allowed-Origins {
-<%- else -%>
-Unattended-Upgrade::Origins-Pattern {
-<%- end -%>
-<% @origins.each do |origin| -%>
- "<%= origin %>";
-<% end -%>
-};
-
-// List of packages to not update
-Unattended-Upgrade::Package-Blacklist {
-<% @blacklist.each do |package| -%>
- "<%= package %>";
-<% end -%>
-};
-
-// This option allows you to control if on a unclean dpkg exit
-// unattended-upgrades will automatically run
-// dpkg --force-confold --configure -a
-// The default is true, to ensure updates keep getting installed
-Unattended-Upgrade::AutoFixInterruptedDpkg "<%= @auto_fix %>";
-
-// Split the upgrade into the smallest possible chunks so that
-// they can be interrupted with SIGUSR1. This makes the upgrade
-// a bit slower but it has the benefit that shutdown while a upgrade
-// is running is possible (with a small delay)
-Unattended-Upgrade::MinimalSteps "<%= @minimal_steps %>";
-
-// Install all unattended-upgrades when the machine is shuting down
-// instead of doing it in the background while the machine is running
-// This will (obviously) make shutdown slower
-Unattended-Upgrade::InstallOnShutdown "<%= @install_on_shutdown %>";
-
-// Send email to this address for problems or packages upgrades
-// If empty or unset then no email is sent, make sure that you
-// have a working mail setup on your system. A package that provides
-// 'mailx' must be installed.
-<% if @mail_to != "NONE" %>Unattended-Upgrade::Mail "<%= @mail_to %>";<% end %>
-
-// Set this value to "true" to get emails only on errors. Default
-// is to always send a mail if Unattended-Upgrade::Mail is set
-<% if @mail_to != "NONE" %>Unattended-Upgrade::MailOnlyOnError "<%= @mail_only_on_error %>";<% end %>
-
-// Do automatic removal of new unused dependencies after the upgrade
-// (equivalent to apt-get autoremove)
-Unattended-Upgrade::Remove-Unused-Dependencies "<%= @remove_unused %>";
-
-// Automatically reboot *WITHOUT CONFIRMATION* if a
-// the file /var/run/reboot-required is found after the upgrade
-Unattended-Upgrade::Automatic-Reboot "<%= @auto_reboot %>";
-
-
-// Use apt bandwidth limit feature, this example limits the download
-// speed to 70kb/sec
-<% if @dl_limit != "NONE" %>Acquire::http::Dl-Limit "<%= @dl_limit %>";<% end %>