Saltstack Official Apt Formula

59 lines
3.0KB

  1. # This is the main state file for configuring unattended upgrades with apt
  2. {% from "apt/map.jinja" import map with context %}
  3. apt_unattended_pakgs::
  4. pkg.installed:
  5. - pkgs:
  6. {% for pkg in map.pkgs %}
  7. - {{ pkg }}
  8. {% endfor %}
  9. {% set origins_pattern = salt['pillar.get']('apt:unattended:origings_pattern', ['origin=Debian,archive=stable,label=Debian-Security']) %}
  10. {% set package_blacklist = salt['pillar.get']('apt:unattended:package_blacklist', {}) %}
  11. {% set auto_fix_interrupted_dpkg = salt['pillar.get']('apt:unattended:auto_fix_interrupted_dpkg', 'true') %}
  12. {% set minimal_steps = salt['pillar.get']('apt:unattended:minimal_steps', 'false') %}
  13. {% set install_on_shutdown = salt['pillar.get']('apt:unattended:install_on_shutdown', 'false') %}
  14. {% set mail = salt['pillar.get']('apt:unattended:mail', 'root') %}
  15. {% set mail_only_on_error = salt['pillar.get']('apt:unattended:mail_only_on_error', 'false') %}
  16. {% set remove_unused_dependencies = salt['pillar.get']('apt:unattended:remove_unused_dependencies', 'true') %}
  17. {% set automatic_reboot = salt['pillar.get']('apt:unattended:automatic_reboot', 'false') %}
  18. {% set dl_limit = salt['pillar.get']('apt:unattended:dl_limit', '0') %}
  19. {{ map.confd_dir }}/{{ map.unattended_config }}:
  20. file.managed:
  21. - contents: |
  22. Unattended-Upgrade::Origins-Pattern {
  23. {%- for pattern in origins_pattern %}
  24. "{{ pattern }}";
  25. {%- endfor %}
  26. };
  27. Unattended-Upgrade::Package-Blacklist {
  28. {%- for package in package_blacklist %}
  29. "{{ package }}";
  30. {%- endfor %}
  31. };
  32. Unattended-Upgrade::AutoFixInterruptedDpkg "{{ auto_fix_interrupted_dpkg }}";
  33. Unattended-Upgrade::MinimalSteps "{{ minimal_steps }}";
  34. Unattended-Upgrade::InstallOnShutdown "{{ install_on_shutdown }}";
  35. Unattended-Upgrade::Mail "{{ mail }}";
  36. Unattended-Upgrade::MailOnlyOnError "{{ mail_only_on_error }}";
  37. Unattended-Upgrade::Remove-Unused-Dependencies "{{ remove_unused_dependencies }}";
  38. Unattended-Upgrade::Automatic-Reboot "{{ automatic_reboot }}";
  39. Acquire::http::Dl-Limit "{{ dl_limit }}";
  40. {% set enabled = salt['pillar.get']('apt:unattended:enabled', '1') %}
  41. {% set update_package_lists = salt['pillar.get']('apt:unattended:update_package_lists', '1') %}
  42. {% set download_upgradeable_packages = salt['pillar.get']('apt:unattended:download_upgradeable_packages', '1') %}
  43. {% set unattended_upgrade = salt['pillar.get']('apt:unattended:unattended_upgrade', '1') %}
  44. {% set auto_clean_interval = salt['pillar.get']('apt:unattended:auto_clean_interval', '7') %}
  45. {{ map.confd_dir }}/{{ map.periodic_config }}:
  46. file.managed:
  47. - contents: |
  48. APT::Periodic::Enable "{{ enabled }}";
  49. APT::Periodic::Update-Package-Lists "{{ update_package_lists }}";
  50. APT::Periodic::Download-Upgradeable-Packages "{{ download_upgradeable_packages }}";
  51. APT::Periodic::Unattended-Upgrade "{{ unattended_upgrade }}";
  52. APT::Periodic::AutocleanInterval "{{ auto_clean_interval }}";