also allow use of apt-get via sudo

[puppet/modules/apt.git] / manifests / init.pp

# apt/manifests/init.pp - manage APT
# Copyright (C) 2009–2010 martin f. krafft <madduck@madduck.net>
#

class apt::install {

    package { "apt":
        ensure => present
    }

    package { [ "debian-archive-keyring", "gnupg", "wget", "debconf-utils" ]:
        ensure => latest
    }
}

class apt::files {

    if !defined(File[$_apt_module_parent_dir]) {
        file { $_apt_module_parent_dir:
            ensure  => directory,
            owner   => root,
            group   => root,
            mode    => 755,
        }
    }

    file { [ "/etc/apt/apt.conf.d", $_apt_module_dir ]:
        ensure  => directory,
        owner   => root,
        group   => root,
        mode    => 644,
        recurse => true
    }

    file { "/etc/apt/sources.list.d":
        ensure  => directory,
        owner   => root,
        group   => root,
        mode    => 644,
        recurse => true,
        purge   => $apt_enforce_sourceslist_set
    }

    if $apt_enforce_sourceslist_set {
        file { "/etc/apt/sources.list":
            ensure => absent
        }
    }
}

class apt::update {
    exec { apt-update:
        command     => "sh -c 'aptitude update || :'",
        refreshonly => true,
        subscribe   => [Class["apt::files"], Class["apt::repositories"]],
        logoutput   => on_failure
    }
}

class apt::sudo {

    if defined(Class["sudo"]) {
        @sudo::permission { "aptitude-safe-upgrades":
            who      => "%$apt_upgrader_group",
            runas    => "root",
            command  => [ "/usr/bin/aptitude update"
                        , "/usr/bin/aptitude safe-upgrade"
                        , "/usr/bin/apt-get update"
                        , "/usr/bin/apt-get upgrade"
                        ],
            nopasswd => true
        }

        @sudo::permission { "aptitude":
            who      => "%$apt_upgrader_group",
            runas    => "root",
            command  => "/usr/bin/aptitude"
        }

        @sudo::permission { ["apt-dist-upgrades","apt-safe-upgrades"]:
            ensure   => absent,
            who      => "%$apt_upgrader_group",
            runas    => "root",
            command  => [ "/usr/bin/aptitude dist-upgrade"
                        , "/usr/bin/apt-get dist-upgrade"
                        ]
        }
    }
}

class apt {

    $_apt_stable_suite = "lenny"

    $apt_include_sources = $apt_include_sources ?
        { "" => false, default => $apt_include_sources }

    $apt_suite = $apt_suite ? {
        ""      => $_apt_stable_suite,
        default => $apt_suite
    }

    $apt_include_experimental = $apt_include_experimental ? {
        ""      => false,
        default => $apt_include_experimental
    }

    $apt_components = $apt_components ? {
        ""      => [ "main" ],
        default => $apt_components
    }

    $apt_mirror_base = $apt_mirror_base ? {
        ""      => "http://cdn.debian.net",
        default => $apt_mirror_base
    }

    $apt_mirror = $apt_mirror ? {
        ""      => "${apt_mirror_base}/debian",
        default => $apt_mirror
    }

    $apt_security_mirror = $apt_security_mirror ? {
        ""      => "http://security.debian.org",
        default => $apt_security_mirror
    }

    $_apt_is_stable = $apt_suite ? { $_apt_stable_suite => true, default => false }

    $apt_include_volatile = $apt_include_volatile ?
        { "" => $_apt_is_stable, default => $apt_include_volatile }
    $apt_include_volatile_sloppy = $apt_include_volatile_sloppy ?
        { "" => $apt_include_volatile, default => $apt_include_volatile_sloppy }
    $apt_volatile_mirror = $apt_volatile_mirror ? {
        ""      => "${apt_mirror_base}/debian-volatile",
        default => $apt_volatile_mirror
    }

    $apt_include_backports = $apt_include_backports ?
        { "" => $_apt_is_stable, default => $apt_include_backports }
    $apt_backports_mirror = $apt_backports_mirror ? {
        ""      => "${apt_mirror_base}/backports.org",
        default => $apt_backports_mirror
    }

    $apt_include_multimedia = $apt_include_multimedia ?
        { "" => false, default => $apt_include_multimedia }
    $apt_multimedia_mirror = $apt_multimedia_mirror ? {
        ""      => "http://www.debian-multimedia.org",
        default => $apt_multimedia_mirror
    }

    $apt_pgp_keyserver = $apt_pgp_keyserver ? {
        ""      => "hkp://pool.sks-keyservers.net",
        default => $apt_pgp_keyserver
    }

    $apt_enforce_sourceslist_set = $apt_enforce_sourceslist_set ?
        { "" => false, default => $apt_enforce_sourceslist_set }

    $apt_enforce_preferences_set = $apt_enforce_preferences_set ?
        { "" => false, default => $apt_enforce_preferences_set }

    $_apt_default_apt_cache_limit = 16777216
    $apt_cache_limit = $apt_cache_limit ? {
        ""      => $_apt_default_apt_cache_limit,
        default => $apt_cache_limit
    }

    $apt_acquire_pdiffs = $apt_acquire_pdiffs ? {
        ""      => true,
        default => $apt_acquire_pdiffs
    }

    $apt_install_recommends = $apt_install_recommends ? {
        ""      => true,
        default => $apt_install_recommends
    }

    $apt_upgrader_group = $apt_upgrader_group ? {
        ""      => "staff",
        default => $apt_upgrader_group
    }

    $_apt_module_parent_dir = "/var/lib/puppet/modules"
    $_apt_module_dir = "${_apt_module_parent_dir}/apt"

    include apt::install, apt::files, apt::repositories, apt::update
    include apt::config
    include apt::preferences
    include apt::sudo
}

# vim:ft=puppet