Browse Source

0-change sugar

* Make system.repo more readable

Change-Id: I0f28e71f4b00422a70006559525e5be24c4cb065
master
azvyagintsev 6 years ago
parent
commit
f27f4367d3
1 changed files with 91 additions and 110 deletions
  1. +91
    -110
      linux/system/repo.sls

+ 91
- 110
linux/system/repo.sls View File

pkg.installed: pkg.installed:
- pkgs: {{ system.pkgs }} - pkgs: {{ system.pkgs }}


# global proxy setup
{%- if system.proxy.get('pkg', {}).get('enabled', False) %}
{%- if grains.os_family == 'Debian' %}
# global proxy setup
{%- if system.proxy.get('pkg', {}).get('enabled', False) %}
{%- if grains.os_family == 'Debian' %}


/etc/apt/apt.conf.d/99proxies-salt: /etc/apt/apt.conf.d/99proxies-salt:
file.managed: file.managed:
https: {{ system.proxy.get('pkg', {}).get('https', None) | default(system.proxy.get('https', None), true) }} https: {{ system.proxy.get('pkg', {}).get('https', None) | default(system.proxy.get('https', None), true) }}
http: {{ system.proxy.get('pkg', {}).get('http', None) | default(system.proxy.get('http', None), true) }} http: {{ system.proxy.get('pkg', {}).get('http', None) | default(system.proxy.get('http', None), true) }}
ftp: {{ system.proxy.get('pkg', {}).get('ftp', None) | default(system.proxy.get('ftp', None), true) }} ftp: {{ system.proxy.get('pkg', {}).get('ftp', None) | default(system.proxy.get('ftp', None), true) }}

{%- else %}

{%- else %}
/etc/apt/apt.conf.d/99proxies-salt: /etc/apt/apt.conf.d/99proxies-salt:
file.absent file.absent
{%- endif %}
{%- endif %}


{%- endif %}
{%- endif %}

{% set default_repos = {} %}

{%- if system.purge_repos|default(False) %}
{% set default_repos = {} %}


{%- if system.purge_repos|default(False) %}
purge_sources_list_d_repos: purge_sources_list_d_repos:
file.directory: file.directory:
- name: /etc/apt/sources.list.d/ - name: /etc/apt/sources.list.d/
- clean: True - clean: True
{%- endif %}


{%- endif %}

{%- for name, repo in system.repo.items() %}
{%- set name=repo.get('name', name) %}
{%- if grains.os_family == 'Debian' %}
{%- for name, repo in system.repo.items() %}
{%- set name=repo.get('name', name) %}
{%- if grains.os_family == 'Debian' %}


# per repository proxy setup # per repository proxy setup
{%- if repo.get('proxy', {}).get('enabled', False) %}
{%- set external_host = repo.proxy.get('host', None) or repo.source.split('/')[2] %}
{%- if repo.get('proxy', {}).get('enabled', False) %}
{%- set external_host = repo.proxy.get('host', None) or repo.source.split('/')[2] %}
/etc/apt/apt.conf.d/99proxies-salt-{{ name }}: /etc/apt/apt.conf.d/99proxies-salt-{{ name }}:
file.managed: file.managed:
- template: jinja - template: jinja
https: {{ repo.proxy.get('https', None) or system.proxy.get('pkg', {}).get('https', None) | default(system.proxy.get('https', None), True) }} https: {{ repo.proxy.get('https', None) or system.proxy.get('pkg', {}).get('https', None) | default(system.proxy.get('https', None), True) }}
http: {{ repo.proxy.get('http', None) or system.proxy.get('pkg', {}).get('http', None) | default(system.proxy.get('http', None), True) }} http: {{ repo.proxy.get('http', None) or system.proxy.get('pkg', {}).get('http', None) | default(system.proxy.get('http', None), True) }}
ftp: {{ repo.proxy.get('ftp', None) or system.proxy.get('pkg', {}).get('ftp', None) | default(system.proxy.get('ftp', None), True) }} ftp: {{ repo.proxy.get('ftp', None) or system.proxy.get('pkg', {}).get('ftp', None) | default(system.proxy.get('ftp', None), True) }}
{%- else %}
{%- else %}
/etc/apt/apt.conf.d/99proxies-salt-{{ name }}: /etc/apt/apt.conf.d/99proxies-salt-{{ name }}:
file.absent file.absent
{%- endif %}

{%- if repo.pin is defined %}
{%- endif %}


{%- if repo.pin is defined %}
linux_repo_{{ name }}_pin: linux_repo_{{ name }}_pin:
file.managed: file.managed:
- name: /etc/apt/preferences.d/{{ name }} - name: /etc/apt/preferences.d/{{ name }}
- template: jinja - template: jinja
- defaults: - defaults:
repo_name: {{ name }} repo_name: {{ name }}

{%- else %}

{%- else %}
linux_repo_{{ name }}_pin: linux_repo_{{ name }}_pin:
file.absent: file.absent:
- name: /etc/apt/preferences.d/{{ name }} - name: /etc/apt/preferences.d/{{ name }}
{%- endif %}


{%- endif %}

{%- if repo.get('key') %} {# 2 #}

{%- if repo.get('key') %} {# 2 #}
linux_repo_{{ name }}_key: linux_repo_{{ name }}_key:
cmd.run: cmd.run:
- name: | - name: |
echo "{{ repo.key | indent(12) }}" | apt-key add - echo "{{ repo.key | indent(12) }}" | apt-key add -
- require_in: - require_in:
{%- if repo.get('default', False) %}
{%- if repo.get('default', False) %}
- file: default_repo_list - file: default_repo_list
{% else %}
{% else %}
- pkgrepo: linux_repo_{{ name }} - pkgrepo: linux_repo_{{ name }}
{% endif %}

{# key_url fetch by curl when salt <2017.7, higher version of salt has fixed bug for using a proxy_host/port specified at minion.conf #}
{#
NOTE: curl/cmd.run usage to fetch gpg key has limited functionality behind proxy. Environments with salt >= 2017.7 should use
key_url specified at pkgrepo.manage state (which uses properly configured http_host at minion.conf). Older versions of
salt require to have proxy set at ENV and curl way to fetch gpg key here can have a sense for backward compatibility.

Be aware that as of salt 2018.3 no_proxy option is not implemented at all.
{% endif %}

{# key_url fetch by curl when salt <2017.7, higher version of salt has
fixed bug for using a proxy_host/port specified at minion.conf

NOTE: curl/cmd.run usage to fetch gpg key has limited functionality behind proxy.
Environments with salt >= 2017.7 should use key_url specified at
pkgrepo.manage state (which uses properly configured http_host at
minion.conf). Older versions of salt require to have proxy set at
ENV and curl way to fetch gpg key here can have a sense for backward
compatibility. Be aware that as of salt 2018.3 no_proxy option is
not implemented at all.
#} #}
{%- elif repo.key_url|default(False) and grains['saltversioninfo'] < [2017, 7] and not repo.key_url.startswith('salt://') %}


{%- elif repo.key_url|default(False) and grains['saltversioninfo'] < [2017, 7] and not repo.key_url.startswith('salt://') %}
linux_repo_{{ name }}_key: linux_repo_{{ name }}_key:
cmd.run: cmd.run:
- name: "curl -sL {{ repo.key_url }} | apt-key add -" - name: "curl -sL {{ repo.key_url }} | apt-key add -"
- require_in: - require_in:
{%- if repo.get('default', False) %}
{%- if repo.get('default', False) %}
- file: default_repo_list - file: default_repo_list
{% else %}
{% else %}
- pkgrepo: linux_repo_{{ name }} - pkgrepo: linux_repo_{{ name }}
{% endif %}

{%- endif %} {# 2 #}

{%- if repo.get('default', False) %} {# 1 #}
{%- do default_repos.update({name: repo}) %} {# for 'default' repos #}

{%- else %} {# for all others repos #}
{% endif %}
{%- endif %}


{%- if repo.get('enabled', True) %}
{%- if repo.get('default', False) %}
{%- do default_repos.update({name: repo}) %}
{%- else %}


{%- if repo.get('enabled', True) %}
linux_repo_{{ name }}: linux_repo_{{ name }}:
pkgrepo.managed: pkgrepo.managed:
{%- if repo.ppa is defined %}
{%- if repo.ppa is defined %}
- ppa: {{ repo.ppa }} - ppa: {{ repo.ppa }}
{%- else %}
{%- else %}
- humanname: {{ name }} - humanname: {{ name }}
- name: {{ repo.source }} - name: {{ repo.source }}
{%- if repo.architectures is defined %}
{%- if repo.architectures is defined %}
- architectures: {{ repo.architectures }} - architectures: {{ repo.architectures }}
{%- endif %}
{%- endif %}
- file: /etc/apt/sources.list.d/{{ name }}.list - file: /etc/apt/sources.list.d/{{ name }}.list
- clean_file: {{ repo.clean|default(True) }} - clean_file: {{ repo.clean|default(True) }}
{%- if repo.key_id is defined %}
{%- if repo.key_id is defined %}
- keyid: {{ repo.key_id }} - keyid: {{ repo.key_id }}
{%- endif %}
{%- if repo.key_server is defined %}
{%- endif %}
{%- if repo.key_server is defined %}
- keyserver: {{ repo.key_server }} - keyserver: {{ repo.key_server }}
{%- endif %}
{%- if repo.key_url is defined and (grains['saltversioninfo'] >= [2017, 7] or repo.key_url.startswith('salt://')) %}
{%- endif %}
{%- if repo.key_url is defined and (grains['saltversioninfo'] >= [2017, 7] or repo.key_url.startswith('salt://')) %}
- key_url: {{ repo.key_url }} - key_url: {{ repo.key_url }}
{%- endif %}
{%- endif %}
- consolidate: {{ repo.get('consolidate', False) }} - consolidate: {{ repo.get('consolidate', False) }}
- clean_file: {{ repo.get('clean_file', False) }} - clean_file: {{ repo.get('clean_file', False) }}
- refresh_db: {{ repo.get('refresh_db', True) }} - refresh_db: {{ repo.get('refresh_db', True) }}
- require: - require:
# FIXME remove this usless part
- pkg: linux_repo_prereq_pkgs - pkg: linux_repo_prereq_pkgs
{%- if repo.get('proxy', {}).get('enabled', False) %}
{%- if repo.get('proxy', {}).get('enabled', False) %}
- file: /etc/apt/apt.conf.d/99proxies-salt-{{ name }} - file: /etc/apt/apt.conf.d/99proxies-salt-{{ name }}
{%- endif %}
{%- if system.proxy.get('pkg', {}).get('enabled', False) %}
{%- endif %}
{%- if system.proxy.get('pkg', {}).get('enabled', False) %}
- file: /etc/apt/apt.conf.d/99proxies-salt - file: /etc/apt/apt.conf.d/99proxies-salt
{%- endif %}
{%- if system.purge_repos|default(False) %}
{%- endif %}
{%- if system.purge_repos|default(False) %}
- file: purge_sources_list_d_repos - file: purge_sources_list_d_repos
{%- endif %}
{%- endif %}

{%- else %}

{%- endif %}
{%- endif %}
{%- else %}
linux_repo_{{ name }}_absent: linux_repo_{{ name }}_absent:
pkgrepo.absent: pkgrepo.absent:
{%- if repo.ppa is defined %}
{%- if repo.ppa is defined %}
- ppa: {{ repo.ppa }} - ppa: {{ repo.ppa }}
{%- if repo.key_id is defined %}
{%- if repo.key_id is defined %}
- keyid_ppa: {{ repo.keyid_ppa }} - keyid_ppa: {{ repo.keyid_ppa }}
{%- endif %}
{%- else %}
{%- endif %}
{%- else %}
- file: /etc/apt/sources.list.d/{{ name }}.list - file: /etc/apt/sources.list.d/{{ name }}.list
{%- if repo.key_id is defined %}
{%- if repo.key_id is defined %}
- keyid: {{ repo.key_id }} - keyid: {{ repo.key_id }}
{%- endif %}
{%- endif %}
{%- endif %}
{%- endif %}
file.absent: file.absent:
- name: /etc/apt/sources.list.d/{{ name }}.list - name: /etc/apt/sources.list.d/{{ name }}.list
{%- endif %}
{%- endif %} {# 1 #}


{%- endif %}

{%- endif %} {# 1 #}

{#- os_family Debian #}
{%- endif %}
{%- endif %}


{%- if grains.os_family == "RedHat" %}
{%- if grains.os_family == "RedHat" %}


{%- if repo.get('enabled', True) %}
{%- if repo.get('enabled', True) %}


{%- if repo.get('proxy', {}).get('enabled', False) %}
{%- if repo.get('proxy', {}).get('enabled', False) %}
# PLACEHOLDER # PLACEHOLDER
# TODO, implement per proxy configuration for Yum # TODO, implement per proxy configuration for Yum
{%- endif %}
{%- endif %}


{%- if not repo.get('default', False) %}
{%- if not repo.get('default', False) %}
linux_repo_{{ name }}: linux_repo_{{ name }}:
pkgrepo.managed: pkgrepo.managed:
- name: {{ name }} - name: {{ name }}
- humanname: {{ repo.get('humanname', name) }} - humanname: {{ repo.get('humanname', name) }}
{%- if repo.mirrorlist is defined %}
{%- if repo.mirrorlist is defined %}
- mirrorlist: {{ repo.mirrorlist }} - mirrorlist: {{ repo.mirrorlist }}
{%- else %}
{%- else %}
- baseurl: {{ repo.source }} - baseurl: {{ repo.source }}
{%- endif %}
{%- endif %}
- gpgcheck: {% if repo.get('gpgcheck', False) %}1{% else %}0{% endif %} - gpgcheck: {% if repo.get('gpgcheck', False) %}1{% else %}0{% endif %}
{%- if repo.gpgkey is defined %}
{%- if repo.gpgkey is defined %}
- gpgkey: {{ repo.gpgkey }} - gpgkey: {{ repo.gpgkey }}
{%- endif %}
{%- endif %}
- require: - require:
- pkg: linux_repo_prereq_pkgs - pkg: linux_repo_prereq_pkgs
{%- endif %}
{%- endif %}


{#- repo.enabled is false #}
{%- else %}
{%- else %}
pkgrepo.absent: pkgrepo.absent:
- name: {{ repo.source }} - name: {{ repo.source }}
{%- endif %}
{%- endif %}


{#- os_family Redhat #}
{%- endif %}
{%- endif %}


{#- repo.items() loop #}
{%- endfor %}
{%- endfor %}


{%- if default_repos|length > 0 and grains.os_family == 'Debian' %}
{%- if default_repos|length > 0 and grains.os_family == 'Debian' %}


default_repo_list: default_repo_list:
file.managed: file.managed:
- user: root - user: root
- group: root - group: root
- mode: 0644 - mode: 0644
{%- if system.purge_repos|default(False) %}
{%- if system.purge_repos|default(False) %}
- replace: True - replace: True
{%- endif %}
{%- endif %}
- defaults: - defaults:
default_repos: {{ default_repos }} default_repos: {{ default_repos }}
- require: - require:
- watch: - watch:
- file: default_repo_list - file: default_repo_list


{%- endif %}
{%- endif %}


{%- endif %} {%- endif %}

Loading…
Cancel
Save