Merge "Use unattended upgrades."
This commit is contained in:
Jenkins
Gerrit Code Review
commit
b9eb2151a3
@ -17,8 +17,12 @@ class openstack_base {
|
|||||||
$packages = ["puppet",
|
$packages = ["puppet",
|
||||||
"git",
|
"git",
|
||||||
"python-setuptools",
|
"python-setuptools",
|
||||||
"python-virtualenv"]
|
"python-virtualenv",
|
||||||
package { $packages: ensure => "latest" }
|
"python-software-properties",
|
||||||
|
"bzr",
|
||||||
|
"byobu",
|
||||||
|
"emacs23-nox"]
|
||||||
|
package { $packages: ensure => "present" }
|
||||||
|
|
||||||
realize (
|
realize (
|
||||||
User::Virtual::Localuser["mordred"],
|
User::Virtual::Localuser["mordred"],
|
||||||
@ -34,6 +38,7 @@ class openstack_template ($iptables_public_tcp_ports) {
|
|||||||
include openstack_base
|
include openstack_base
|
||||||
include ssh
|
include ssh
|
||||||
include snmpd
|
include snmpd
|
||||||
|
include apt::unattended-upgrades
|
||||||
|
|
||||||
class { 'iptables':
|
class { 'iptables':
|
||||||
public_tcp_ports => $iptables_public_tcp_ports,
|
public_tcp_ports => $iptables_public_tcp_ports,
|
||||||
@ -50,11 +55,6 @@ class openstack_template ($iptables_public_tcp_ports) {
|
|||||||
hasrestart => true,
|
hasrestart => true,
|
||||||
require => Package['ntp'],
|
require => Package['ntp'],
|
||||||
}
|
}
|
||||||
|
|
||||||
$packages = ["python-software-properties",
|
|
||||||
"bzr",
|
|
||||||
"byobu"]
|
|
||||||
package { $packages: ensure => "latest" }
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# A server that we expect to run for some time
|
# A server that we expect to run for some time
|
||||||
|
|||||||
@ -21,6 +21,7 @@ class openstack_cron {
|
|||||||
class openstack_jenkins_slave {
|
class openstack_jenkins_slave {
|
||||||
include openstack_cron
|
include openstack_cron
|
||||||
include tmpreaper
|
include tmpreaper
|
||||||
|
include apt::unattended-upgrades
|
||||||
class { 'openstack_server':
|
class { 'openstack_server':
|
||||||
iptables_public_tcp_ports => []
|
iptables_public_tcp_ports => []
|
||||||
}
|
}
|
||||||
@ -458,7 +459,7 @@ node /^oneiric.*\.slave\.openstack\.org$/ {
|
|||||||
include openstack_jenkins_slave
|
include openstack_jenkins_slave
|
||||||
|
|
||||||
package { "tox":
|
package { "tox":
|
||||||
ensure => latest,
|
ensure => latest, # okay to use latest for pip
|
||||||
provider => pip,
|
provider => pip,
|
||||||
require => Package[python-pip],
|
require => Package[python-pip],
|
||||||
}
|
}
|
||||||
|
|||||||
6
modules/apt/files/10periodic
Normal file
6
modules/apt/files/10periodic
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
APT::Periodic::Enable "1";
|
||||||
|
APT::Periodic::Update-Package-Lists "1";
|
||||||
|
APT::Periodic::Download-Upgradeable-Packages "1";
|
||||||
|
APT::Periodic::AutocleanInterval "5";
|
||||||
|
APT::Periodic::Unattended-Upgrade "1";
|
||||||
|
APT::Periodic::RandomSleep "1800";
|
||||||
30
modules/apt/files/50unattended-upgrades
Normal file
30
modules/apt/files/50unattended-upgrades
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
// Automatically upgrade packages from these (origin, archive) pairs
|
||||||
|
Unattended-Upgrade::Allowed-Origins {
|
||||||
|
// ${distro_id} and ${distro_codename} will be automatically expanded
|
||||||
|
"${distro_id} stable";
|
||||||
|
"${distro_id} ${distro_codename}-security";
|
||||||
|
"${distro_id} ${distro_codename}-updates";
|
||||||
|
// "${distro_id} ${distro_codename}-proposed-updates";
|
||||||
|
};
|
||||||
|
|
||||||
|
// List of packages to not update
|
||||||
|
Unattended-Upgrade::Package-Blacklist {
|
||||||
|
// "vim";
|
||||||
|
// "libc6";
|
||||||
|
// "libc6-dev";
|
||||||
|
// "libc6-i686";
|
||||||
|
};
|
||||||
|
|
||||||
|
// Send email to this address for problems or packages upgrades
|
||||||
|
// If empty or unset then no email is sent, make sure that you
|
||||||
|
// have a working mail setup on your system. The package 'mailx'
|
||||||
|
// must be installed or anything that provides /usr/bin/mail.
|
||||||
|
Unattended-Upgrade::Mail "root@localhost";
|
||||||
|
|
||||||
|
// Do automatic removal of new unused dependencies after the upgrade
|
||||||
|
// (equivalent to apt-get autoremove)
|
||||||
|
//Unattended-Upgrade::Remove-Unused-Dependencies "false";
|
||||||
|
|
||||||
|
// Automatically reboot *WITHOUT CONFIRMATION* if a
|
||||||
|
// the file /var/run/reboot-required is found after the upgrade
|
||||||
|
//Unattended-Upgrade::Automatic-Reboot "false";
|
||||||
24
modules/apt/manifests/unattended-upgrades.pp
Normal file
24
modules/apt/manifests/unattended-upgrades.pp
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
class apt::unattended-upgrades($email='') {
|
||||||
|
package { 'unattended-upgrades':
|
||||||
|
ensure => present;
|
||||||
|
}
|
||||||
|
|
||||||
|
file { '/etc/apt/apt.conf.d/10periodic':
|
||||||
|
owner => 'root',
|
||||||
|
group => 'root',
|
||||||
|
mode => 444,
|
||||||
|
ensure => 'present',
|
||||||
|
source => "puppet:///modules/apt/10periodic",
|
||||||
|
replace => 'true',
|
||||||
|
}
|
||||||
|
|
||||||
|
file { '/etc/apt/apt.conf.d/50unattended-upgrades':
|
||||||
|
owner => 'root',
|
||||||
|
group => 'root',
|
||||||
|
mode => 444,
|
||||||
|
ensure => 'present',
|
||||||
|
source => "puppet:///modules/apt/50unattended-upgrades",
|
||||||
|
replace => 'true',
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
@ -2,15 +2,15 @@
|
|||||||
class devstack_host {
|
class devstack_host {
|
||||||
|
|
||||||
package { "linux-headers-virtual":
|
package { "linux-headers-virtual":
|
||||||
ensure => "latest",
|
ensure => present,
|
||||||
}
|
}
|
||||||
|
|
||||||
package { "mysql-server":
|
package { "mysql-server":
|
||||||
ensure => "latest",
|
ensure => present,
|
||||||
}
|
}
|
||||||
|
|
||||||
package { "rabbitmq-server":
|
package { "rabbitmq-server":
|
||||||
ensure => "latest",
|
ensure => present,
|
||||||
require => File['rabbitmq-env.conf'],
|
require => File['rabbitmq-env.conf'],
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -116,16 +116,16 @@ class gerrit($virtual_hostname='',
|
|||||||
"apache2"]
|
"apache2"]
|
||||||
|
|
||||||
package { $packages:
|
package { $packages:
|
||||||
ensure => "latest",
|
ensure => present,
|
||||||
}
|
}
|
||||||
|
|
||||||
package { "python-pip":
|
package { "python-pip":
|
||||||
ensure => latest,
|
ensure => present,
|
||||||
require => Package[python-dev]
|
require => Package[python-dev]
|
||||||
}
|
}
|
||||||
|
|
||||||
package { "github2":
|
package { "github2":
|
||||||
ensure => latest,
|
ensure => latest, # okay to use latest for pip
|
||||||
provider => pip,
|
provider => pip,
|
||||||
require => Package[python-pip]
|
require => Package[python-pip]
|
||||||
}
|
}
|
||||||
@ -310,6 +310,16 @@ class gerrit($virtual_hostname='',
|
|||||||
require => File["/home/gerrit2/review_site/etc"]
|
require => File["/home/gerrit2/review_site/etc"]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
file { '/home/gerrit2/review_site/etc/gerrit.config.puppet':
|
||||||
|
owner => 'gerrit2',
|
||||||
|
group => 'gerrit2',
|
||||||
|
mode => 644,
|
||||||
|
ensure => 'present',
|
||||||
|
content => template('gerrit/gerrit.config.erb'),
|
||||||
|
replace => 'true',
|
||||||
|
require => File["/home/gerrit2/review_site/etc"]
|
||||||
|
}
|
||||||
|
|
||||||
file { '/home/gerrit2/review_site/hooks/change-merged':
|
file { '/home/gerrit2/review_site/hooks/change-merged':
|
||||||
owner => 'root',
|
owner => 'root',
|
||||||
group => 'root',
|
group => 'root',
|
||||||
@ -507,10 +517,9 @@ class gerrit($virtual_hostname='',
|
|||||||
require => Exec["download:$war"],
|
require => Exec["download:$war"],
|
||||||
ensure => present,
|
ensure => present,
|
||||||
replace => 'true',
|
replace => 'true',
|
||||||
# user, group, and mode have to be set this way to avoid retriggering gerrit-init on every run
|
# user, and mode have to be set this way to avoid retriggering gerrit-init on every run
|
||||||
# because gerrit init sets them this way
|
# because gerrit init sets them this way
|
||||||
owner => 'gerrit2',
|
owner => 'gerrit2',
|
||||||
group => 'gerrit2',
|
|
||||||
mode => 644,
|
mode => 644,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -32,7 +32,7 @@ class jenkins_jobs($site, $projects) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
package { "python-jenkins":
|
package { "python-jenkins":
|
||||||
ensure => latest,
|
ensure => latest, # okay to use latest for pip
|
||||||
provider => pip,
|
provider => pip,
|
||||||
require => Package[python-pip],
|
require => Package[python-pip],
|
||||||
}
|
}
|
||||||
|
|||||||
@ -76,11 +76,11 @@ class jenkins_slave($ssh_key, $sudo = false, $bare = false, $user = true) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
package { $packages:
|
package { $packages:
|
||||||
ensure => "latest",
|
ensure => present,
|
||||||
}
|
}
|
||||||
|
|
||||||
package { "git-review":
|
package { "git-review":
|
||||||
ensure => latest,
|
ensure => latest, # okay to use latest for pip
|
||||||
provider => pip,
|
provider => pip,
|
||||||
require => Package[python-pip],
|
require => Package[python-pip],
|
||||||
}
|
}
|
||||||
|
|||||||
@ -11,7 +11,7 @@ class lodgeit {
|
|||||||
"drizzle",
|
"drizzle",
|
||||||
"python-mysqldb" ]
|
"python-mysqldb" ]
|
||||||
|
|
||||||
package { $packages: ensure => latest }
|
package { $packages: ensure => present }
|
||||||
|
|
||||||
package { 'SQLAlchemy':
|
package { 'SQLAlchemy':
|
||||||
provider => pip,
|
provider => pip,
|
||||||
|
|||||||
@ -3,7 +3,7 @@
|
|||||||
class logrotate {
|
class logrotate {
|
||||||
|
|
||||||
package { "logrotate":
|
package { "logrotate":
|
||||||
ensure => latest,
|
ensure => present,
|
||||||
}
|
}
|
||||||
|
|
||||||
file { "/etc/logrotate.d":
|
file { "/etc/logrotate.d":
|
||||||
|
|||||||
@ -36,7 +36,7 @@ class meetbot {
|
|||||||
}
|
}
|
||||||
|
|
||||||
package { ['supybot', 'nginx', 'python-twisted']:
|
package { ['supybot', 'nginx', 'python-twisted']:
|
||||||
ensure => latest
|
ensure => present
|
||||||
}
|
}
|
||||||
|
|
||||||
service { "nginx":
|
service { "nginx":
|
||||||
|
|||||||
@ -11,7 +11,7 @@ class pypimirror ( $base_url,
|
|||||||
}
|
}
|
||||||
|
|
||||||
package { 'pip':
|
package { 'pip':
|
||||||
ensure => latest,
|
ensure => latest, # okay to use latest for pip
|
||||||
provider => 'pip',
|
provider => 'pip',
|
||||||
require => Package['python-pip'],
|
require => Package['python-pip'],
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,5 +1,5 @@
|
|||||||
class ssh {
|
class ssh {
|
||||||
package { openssh-server: ensure => latest }
|
package { openssh-server: ensure => present }
|
||||||
service { ssh:
|
service { ssh:
|
||||||
ensure => running,
|
ensure => running,
|
||||||
hasrestart => true,
|
hasrestart => true,
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user