ソースを参照

0-change sugar

* Make system.repo more readable

Change-Id: I0f28e71f4b00422a70006559525e5be24c4cb065
pull/162/head
azvyagintsev 6年前
コミット
f27f4367d3
1個のファイルの変更91行の追加110行の削除
  1. +91
    -110
      linux/system/repo.sls

+ 91
- 110
linux/system/repo.sls ファイルの表示

@@ -5,9 +5,9 @@ linux_repo_prereq_pkgs:
pkg.installed:
- pkgs: {{ system.pkgs }}

# global proxy setup
{%- if system.proxy.get('pkg', {}).get('enabled', False) %}
{%- if grains.os_family == 'Debian' %}
# global proxy setup
{%- if system.proxy.get('pkg', {}).get('enabled', False) %}
{%- if grains.os_family == 'Debian' %}

/etc/apt/apt.conf.d/99proxies-salt:
file.managed:
@@ -18,33 +18,28 @@ linux_repo_prereq_pkgs:
https: {{ system.proxy.get('pkg', {}).get('https', None) | default(system.proxy.get('https', None), true) }}
http: {{ system.proxy.get('pkg', {}).get('http', None) | default(system.proxy.get('http', None), true) }}
ftp: {{ system.proxy.get('pkg', {}).get('ftp', None) | default(system.proxy.get('ftp', None), true) }}

{%- else %}

{%- else %}
/etc/apt/apt.conf.d/99proxies-salt:
file.absent
{%- endif %}
{%- endif %}

{%- endif %}
{%- endif %}

{% set default_repos = {} %}

{%- if system.purge_repos|default(False) %}
{% set default_repos = {} %}

{%- if system.purge_repos|default(False) %}
purge_sources_list_d_repos:
file.directory:
- name: /etc/apt/sources.list.d/
- clean: True
{%- endif %}

{%- endif %}

{%- for name, repo in system.repo.items() %}
{%- set name=repo.get('name', name) %}
{%- if grains.os_family == 'Debian' %}
{%- for name, repo in system.repo.items() %}
{%- set name=repo.get('name', name) %}
{%- if grains.os_family == 'Debian' %}

# per repository proxy setup
{%- if repo.get('proxy', {}).get('enabled', False) %}
{%- set external_host = repo.proxy.get('host', None) or repo.source.split('/')[2] %}
{%- if repo.get('proxy', {}).get('enabled', False) %}
{%- set external_host = repo.proxy.get('host', None) or repo.source.split('/')[2] %}
/etc/apt/apt.conf.d/99proxies-salt-{{ name }}:
file.managed:
- template: jinja
@@ -54,13 +49,12 @@ purge_sources_list_d_repos:
https: {{ repo.proxy.get('https', None) or system.proxy.get('pkg', {}).get('https', None) | default(system.proxy.get('https', None), True) }}
http: {{ repo.proxy.get('http', None) or system.proxy.get('pkg', {}).get('http', None) | default(system.proxy.get('http', None), True) }}
ftp: {{ repo.proxy.get('ftp', None) or system.proxy.get('pkg', {}).get('ftp', None) | default(system.proxy.get('ftp', None), True) }}
{%- else %}
{%- else %}
/etc/apt/apt.conf.d/99proxies-salt-{{ name }}:
file.absent
{%- endif %}

{%- if repo.pin is defined %}
{%- endif %}

{%- if repo.pin is defined %}
linux_repo_{{ name }}_pin:
file.managed:
- name: /etc/apt/preferences.d/{{ name }}
@@ -68,160 +62,147 @@ linux_repo_{{ name }}_pin:
- template: jinja
- defaults:
repo_name: {{ name }}

{%- else %}

{%- else %}
linux_repo_{{ name }}_pin:
file.absent:
- name: /etc/apt/preferences.d/{{ name }}
{%- endif %}

{%- endif %}

{%- if repo.get('key') %} {# 2 #}

{%- if repo.get('key') %} {# 2 #}
linux_repo_{{ name }}_key:
cmd.run:
- name: |
echo "{{ repo.key | indent(12) }}" | apt-key add -
- require_in:
{%- if repo.get('default', False) %}
{%- if repo.get('default', False) %}
- file: default_repo_list
{% else %}
{% else %}
- pkgrepo: linux_repo_{{ name }}
{% endif %}

{# key_url fetch by curl when salt <2017.7, higher version of salt has fixed bug for using a proxy_host/port specified at minion.conf #}
{#
NOTE: curl/cmd.run usage to fetch gpg key has limited functionality behind proxy. Environments with salt >= 2017.7 should use
key_url specified at pkgrepo.manage state (which uses properly configured http_host at minion.conf). Older versions of
salt require to have proxy set at ENV and curl way to fetch gpg key here can have a sense for backward compatibility.

Be aware that as of salt 2018.3 no_proxy option is not implemented at all.
{% endif %}

{# key_url fetch by curl when salt <2017.7, higher version of salt has
fixed bug for using a proxy_host/port specified at minion.conf

NOTE: curl/cmd.run usage to fetch gpg key has limited functionality behind proxy.
Environments with salt >= 2017.7 should use key_url specified at
pkgrepo.manage state (which uses properly configured http_host at
minion.conf). Older versions of salt require to have proxy set at
ENV and curl way to fetch gpg key here can have a sense for backward
compatibility. Be aware that as of salt 2018.3 no_proxy option is
not implemented at all.
#}
{%- elif repo.key_url|default(False) and grains['saltversioninfo'] < [2017, 7] and not repo.key_url.startswith('salt://') %}


{%- elif repo.key_url|default(False) and grains['saltversioninfo'] < [2017, 7] and not repo.key_url.startswith('salt://') %}
linux_repo_{{ name }}_key:
cmd.run:
- name: "curl -sL {{ repo.key_url }} | apt-key add -"
- require_in:
{%- if repo.get('default', False) %}
{%- if repo.get('default', False) %}
- file: default_repo_list
{% else %}
{% else %}
- pkgrepo: linux_repo_{{ name }}
{% endif %}

{%- endif %} {# 2 #}

{%- if repo.get('default', False) %} {# 1 #}
{%- do default_repos.update({name: repo}) %} {# for 'default' repos #}

{%- else %} {# for all others repos #}
{% endif %}
{%- endif %}

{%- if repo.get('enabled', True) %}
{%- if repo.get('default', False) %}
{%- do default_repos.update({name: repo}) %}
{%- else %}

{%- if repo.get('enabled', True) %}
linux_repo_{{ name }}:
pkgrepo.managed:
{%- if repo.ppa is defined %}
{%- if repo.ppa is defined %}
- ppa: {{ repo.ppa }}
{%- else %}
{%- else %}
- humanname: {{ name }}
- name: {{ repo.source }}
{%- if repo.architectures is defined %}
{%- if repo.architectures is defined %}
- architectures: {{ repo.architectures }}
{%- endif %}
{%- endif %}
- file: /etc/apt/sources.list.d/{{ name }}.list
- clean_file: {{ repo.clean|default(True) }}
{%- if repo.key_id is defined %}
{%- if repo.key_id is defined %}
- keyid: {{ repo.key_id }}
{%- endif %}
{%- if repo.key_server is defined %}
{%- endif %}
{%- if repo.key_server is defined %}
- keyserver: {{ repo.key_server }}
{%- endif %}
{%- if repo.key_url is defined and (grains['saltversioninfo'] >= [2017, 7] or repo.key_url.startswith('salt://')) %}
{%- endif %}
{%- if repo.key_url is defined and (grains['saltversioninfo'] >= [2017, 7] or repo.key_url.startswith('salt://')) %}
- key_url: {{ repo.key_url }}
{%- endif %}
{%- endif %}
- consolidate: {{ repo.get('consolidate', False) }}
- clean_file: {{ repo.get('clean_file', False) }}
- refresh_db: {{ repo.get('refresh_db', True) }}
- require:
# FIXME remove this usless part
- pkg: linux_repo_prereq_pkgs
{%- if repo.get('proxy', {}).get('enabled', False) %}
{%- if repo.get('proxy', {}).get('enabled', False) %}
- file: /etc/apt/apt.conf.d/99proxies-salt-{{ name }}
{%- endif %}
{%- if system.proxy.get('pkg', {}).get('enabled', False) %}
{%- endif %}
{%- if system.proxy.get('pkg', {}).get('enabled', False) %}
- file: /etc/apt/apt.conf.d/99proxies-salt
{%- endif %}
{%- if system.purge_repos|default(False) %}
{%- endif %}
{%- if system.purge_repos|default(False) %}
- file: purge_sources_list_d_repos
{%- endif %}
{%- endif %}

{%- else %}

{%- endif %}
{%- endif %}
{%- else %}
linux_repo_{{ name }}_absent:
pkgrepo.absent:
{%- if repo.ppa is defined %}
{%- if repo.ppa is defined %}
- ppa: {{ repo.ppa }}
{%- if repo.key_id is defined %}
{%- if repo.key_id is defined %}
- keyid_ppa: {{ repo.keyid_ppa }}
{%- endif %}
{%- else %}
{%- endif %}
{%- else %}
- file: /etc/apt/sources.list.d/{{ name }}.list
{%- if repo.key_id is defined %}
{%- if repo.key_id is defined %}
- keyid: {{ repo.key_id }}
{%- endif %}
{%- endif %}
{%- endif %}
{%- endif %}
file.absent:
- name: /etc/apt/sources.list.d/{{ name }}.list
{%- endif %}
{%- endif %} {# 1 #}

{%- endif %}

{%- endif %} {# 1 #}

{#- os_family Debian #}
{%- endif %}
{%- endif %}

{%- if grains.os_family == "RedHat" %}
{%- if grains.os_family == "RedHat" %}

{%- if repo.get('enabled', True) %}
{%- if repo.get('enabled', True) %}

{%- if repo.get('proxy', {}).get('enabled', False) %}
{%- if repo.get('proxy', {}).get('enabled', False) %}
# PLACEHOLDER
# TODO, implement per proxy configuration for Yum
{%- endif %}
{%- endif %}

{%- if not repo.get('default', False) %}
{%- if not repo.get('default', False) %}
linux_repo_{{ name }}:
pkgrepo.managed:
- name: {{ name }}
- humanname: {{ repo.get('humanname', name) }}
{%- if repo.mirrorlist is defined %}
{%- if repo.mirrorlist is defined %}
- mirrorlist: {{ repo.mirrorlist }}
{%- else %}
{%- else %}
- baseurl: {{ repo.source }}
{%- endif %}
{%- endif %}
- gpgcheck: {% if repo.get('gpgcheck', False) %}1{% else %}0{% endif %}
{%- if repo.gpgkey is defined %}
{%- if repo.gpgkey is defined %}
- gpgkey: {{ repo.gpgkey }}
{%- endif %}
{%- endif %}
- require:
- pkg: linux_repo_prereq_pkgs
{%- endif %}
{%- endif %}

{#- repo.enabled is false #}
{%- else %}
{%- else %}
pkgrepo.absent:
- name: {{ repo.source }}
{%- endif %}
{%- endif %}

{#- os_family Redhat #}
{%- endif %}
{%- endif %}

{#- repo.items() loop #}
{%- endfor %}
{%- endfor %}

{%- if default_repos|length > 0 and grains.os_family == 'Debian' %}
{%- if default_repos|length > 0 and grains.os_family == 'Debian' %}

default_repo_list:
file.managed:
@@ -231,9 +212,9 @@ default_repo_list:
- user: root
- group: root
- mode: 0644
{%- if system.purge_repos|default(False) %}
{%- if system.purge_repos|default(False) %}
- replace: True
{%- endif %}
{%- endif %}
- defaults:
default_repos: {{ default_repos }}
- require:
@@ -245,6 +226,6 @@ refresh_default_repo:
- watch:
- file: default_repo_list

{%- endif %}
{%- endif %}

{%- endif %}

読み込み中…
キャンセル
保存