Various major behavioural changes

lib/puppet/type/apt_key.rb

@@ -62,7 +62,7 @@
     newvalues(/\A((hkp|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?$/)
   end
 
-  newparam(:keyserver_options) do
+  newparam(:options) do
     desc 'Additional options to pass to apt-key\'s --keyserver-options.'
   end
 

manifests/init.pp

@@ -1,24 +1,51 @@
 #
 class apt(
-  $proxy                = {},
-  $always_apt_update    = false,
-  $apt_update_frequency = 'reluctantly',
-  $purge_sources_list   = false,
-  $purge_sources_list_d = false,
-  $purge_preferences    = false,
-  $purge_preferences_d  = false,
-  $update_timeout       = undef,
-  $update_tries         = undef,
-  $sources              = undef,
+  $update   = {},
+  $purge    = {},
+  $proxy    = {},
+  $sources  = {},
+  $keys     = {},
+  $ppas     = {},
+  $settings = {},
 ) inherits ::apt::params {
 
+  $frequency_options = ['always','daily','weekly','reluctantly']
+  validate_hash($update)
+  if $update['frequency'] {
+    validate_re($update['frequency'], $frequency_options)
+  }
+  if $update['always'] {
+    validate_bool($update['always'])
+  }
+  if $update['timeout'] {
+    unless is_integer($update['timeout']) {
+      fail('timeout value for update must be an integer')
+    }
+  }
+  if $update['tries'] {
+    unless is_integer($update['tries']) {
+      fail('tries value for update must be an integer')
+    }
+  }
+
+  $_update = merge($::apt::update_defaults, $update)
   include apt::update
 
-  $frequency_options = ['always','daily','weekly','reluctantly']
-  validate_re($apt_update_frequency, $frequency_options)
+  validate_hash($purge)
+  if $purge['sources.list'] {
+    validate_bool($purge['sources.list'])
+  }
+  if $purge['sources.list.d'] {
+    validate_bool($purge['sources.list.d'])
+  }
+  if $purge['preferences'] {
+    validate_bool($purge['preferences'])
+  }
+  if $purge['preferences.d'] {
+    validate_bool($purge['preferences.d'])
+  }
 
-  validate_bool($purge_sources_list, $purge_sources_list_d,
-                $purge_preferences, $purge_preferences_d)
+  $_purge = merge($::apt::purge_defaults, $purge)
 
   validate_hash($proxy)
   if $proxy['host'] {
@@ -35,19 +62,29 @@
 
   $_proxy = merge($apt::proxy_defaults, $proxy)
 
+  validate_hash($sources)
+  validate_hash($keys)
+  validate_hash($settings)
+  validate_hash($ppas)
+
   if $proxy['host'] {
     apt::setting { 'conf-proxy':
       priority => '01',
       content  => template('apt/_header.erb', 'apt/proxy.erb'),
     }
   }
 
-  $sources_list_content = $purge_sources_list ? {
+  $sources_list_content = $_purge['sources.list'] ? {
     false => undef,
     true  => "# Repos managed by puppet.\n",
   }
 
-  if $always_apt_update == true {
+  $preferences_ensure = $_purge['preferences'] ? {
+    false => file,
+    true  => absent,
+  }
+
+  if $_update['always'] {
     Exec <| title=='apt_update' |> {
       refreshonly => false,
     }
@@ -59,7 +96,7 @@
   }
 
   file { 'sources.list':
-    ensure  => present,
+    ensure  => file,
     path    => $::apt::sources_list,
     owner   => root,
     group   => root,
@@ -73,25 +110,30 @@
     path    => $::apt::sources_list_d,
     owner   => root,
     group   => root,
-    purge   => $purge_sources_list_d,
-    recurse => $purge_sources_list_d,
+    mode    => '0644',
+    purge   => $_purge['sources.list.d'],
+    recurse => $_purge['sources.list.d'],
     notify  => Exec['apt_update'],
   }
 
-  if $purge_preferences {
-    file { 'apt-preferences':
-      ensure => absent,
-      path   => $::apt::preferences,
-    }
+  file { 'preferences':
+    ensure => $preferences_ensure,
+    path   => $::apt::preferences,
+    owner  => root,
+    group  => root,
+    mode   => '0644',
+    notify => Exec['apt_update'],
   }
 
   file { 'preferences.d':
     ensure  => directory,
     path    => $::apt::preferences_d,
     owner   => root,
     group   => root,
-    purge   => $purge_preferences_d,
-    recurse => $purge_preferences_d,
+    mode    => '0644',
+    purge   => $_purge['preferences.d'],
+    recurse => $_purge['preferences.d'],
+    notify  => Exec['apt_update'],
   }
 
   # Need anchor to provide containment for dependencies.
@@ -100,8 +142,19 @@
   }
 
   # manage sources if present
-  if $sources != undef {
-    validate_hash($sources)
+  if $sources {
     create_resources('apt::source', $sources)
   }
+  # manage keys if present
+  if $keys {
+    create_resources('apt::key', $keys)
+  }
+  # manage ppas if present
+  if $ppas {
+    create_resources('apt::ppa', $ppas)
+  }
+  # manage settings if present
+  if $settings {
+    create_resources('apt::setting', $settings)
+  }
 }

manifests/key.pp

@@ -7,7 +7,7 @@
 #
 # === Parameters
 #
-# [*key*]
+# [*id*]
 #   _default_: +$title+, the title/name of the resource
 #
 #   Is a GPG key ID or full key fingerprint. This value is validated with
@@ -23,95 +23,93 @@
 #   * +present+
 #   * +absent+
 #
-# [*key_content*]
+# [*content*]
 #   _default_: +undef+
 #
 #   This parameter can be used to pass in a GPG key as a
 #   string in case it cannot be fetched from a remote location
 #   and using a file resource is for other reasons inconvenient.
 #
-# [*key_source*]
+# [*source*]
 #   _default_: +undef+
 #
 #   This parameter can be used to pass in the location of a GPG
 #   key. This URI can take the form of a:
 #   * +URL+: ftp, http or https
 #   * +path+: absolute path to a file on the target system.
 #
-# [*key_server*]
+# [*server*]
 #   _default_: +undef+
 #
 #   The keyserver from where to fetch our GPG key. It can either be a domain
-#   name or url. It defaults to
-#   undef which results in apt_key's default keyserver being used,
-#   currently +keyserver.ubuntu.com+.
+#   name or url. It defaults to +keyserver.ubuntu.com+.
 #
-# [*key_options*]
+# [*options*]
 #   _default_: +undef+
 #
 #   Additional options to pass on to `apt-key adv --keyserver-options`.
 define apt::key (
-  $key         = $title,
-  $ensure      = present,
-  $key_content = undef,
-  $key_source  = undef,
-  $key_server  = undef,
-  $key_options = undef,
+  $id      = $title,
+  $ensure  = present,
+  $content = undef,
+  $source  = undef,
+  $server  = $::apt::keyserver,
+  $options = undef,
 ) {
 
-  validate_re($key, ['\A(0x)?[0-9a-fA-F]{8}\Z', '\A(0x)?[0-9a-fA-F]{16}\Z', '\A(0x)?[0-9a-fA-F]{40}\Z'])
+  validate_re($id, ['\A(0x)?[0-9a-fA-F]{8}\Z', '\A(0x)?[0-9a-fA-F]{16}\Z', '\A(0x)?[0-9a-fA-F]{40}\Z'])
   validate_re($ensure, ['\Aabsent|present\Z',])
 
-  if $key_content {
-    validate_string($key_content)
+  if $content {
+    validate_string($content)
   }
 
-  if $key_source {
-    validate_re($key_source, ['\Ahttps?:\/\/', '\Aftp:\/\/', '\A\/\w+'])
+  if $source {
+    validate_re($source, ['\Ahttps?:\/\/', '\Aftp:\/\/', '\A\/\w+'])
   }
 
-  if $key_server {
-    validate_re($key_server,['\A((hkp|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?$'])
+  if $server {
+    validate_re($server,['\A((hkp|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?$'])
   }
 
-  if $key_options {
-    validate_string($key_options)
+  if $options {
+    validate_string($options)
   }
 
   case $ensure {
     present: {
-      if defined(Anchor["apt_key ${key} absent"]){
-        fail("key with id ${key} already ensured as absent")
+      if defined(Anchor["apt_key ${id} absent"]){
+        fail("key with id ${id} already ensured as absent")
       }
 
-      if !defined(Anchor["apt_key ${key} present"]) {
+      if !defined(Anchor["apt_key ${id} present"]) {
         apt_key { $title:
-          ensure            => $ensure,
-          id                => $key,
-          source            => $key_source,
-          content           => $key_content,
-          server            => $key_server,
-          keyserver_options => $key_options,
+          ensure  => $ensure,
+          id      => $id,
+          source  => $source,
+          content => $content,
+          server  => $server,
+          options => $options,
         } ->
-        anchor { "apt_key ${key} present": }
+        anchor { "apt_key ${id} present": }
       }
     }
 
     absent: {
-      if defined(Anchor["apt_key ${key} present"]){
-        fail("key with id ${key} already ensured as present")
+      if defined(Anchor["apt_key ${id} present"]){
+        fail("key with id ${id} already ensured as present")
       }
 
-      if !defined(Anchor["apt_key ${key} absent"]){
+      if !defined(Anchor["apt_key ${id} absent"]){
         apt_key { $title:
-          ensure            => $ensure,
-          id                => $key,
-          source            => $key_source,
-          content           => $key_content,
-          server            => $key_server,
-          keyserver_options => $key_options,
+          ensure  => $ensure,
+          id      => $id,
+          source  => $source,
+          content => $content,
+          server  => $server,
+          options => $options,
         } ->
-        anchor { "apt_key ${key} absent": }
+        anchor { "apt_key ${id} absent": }
       }
     }
 

manifests/params.pp

@@ -11,6 +11,7 @@
   $conf_d         = "${root}/apt.conf.d"
   $preferences    = "${root}/preferences"
   $preferences_d  = "${root}/preferences.d"
+  $keyserver      = 'keyserver.ubuntu.com'
 
   if $::osfamily != 'Debian' {
     fail('This module only works on Debian or derivatives like Ubuntu')
@@ -31,12 +32,33 @@
     }
   }
 
+  $update_defaults = {
+    'always'    => false,
+    'frequency' => 'reluctantly',
+    'timeout'   => undef,
+    'tries'     => undef,
+  }
+
   $proxy_defaults = {
     'host'  => undef,
     'port'  => 8080,
     'https' => false,
   }
 
+  $purge_defaults = {
+    'sources.list'   => true,
+    'sources.list.d' => true,
+    'preferences'    => true,
+    'preferences.d'  => true,
+  }
+
+  $source_key_defaults = {
+    'server'  => $keyserver,
+    'options' => undef,
+    'content' => undef,
+    'source'  => undef,
+  }
+
   $file_defaults = {
     'owner' => 'root',
     'group' => 'root',

manifests/ppa.pp

@@ -10,8 +10,8 @@
     fail('lsbdistcodename fact not available: release parameter required')
   }
 
-  if $::operatingsystem != 'Ubuntu' {
-    fail('apt::ppa is currently supported on Ubuntu only.')
+  if $::apt::distid != 'ubuntu' {
+    fail('apt::ppa is currently supported on Ubuntu and LinuxMint only.')
   }
 
   $filename_without_slashes = regsubst($name, '/', '-', 'G')